Dev6 #77

Merged
merged 2 commits into from
Dec 23, 2024

grisun0
Collaborator

@grisun0 grisun0 commented Dec 23, 2024

Description

<-- Add a description of the user story !-->

Summary of changes

<-- Add a brief description of the changes !-->

Checklist

  • Runs correctly
  • Documentation updated
  • Unit tests were added
  • Unit tests are correct

Notes

<-- Add additional notes !-->

Screenshots

…shellcode, new style of c2, download_c2 and upload_c2 and much much more
…shellcode, new style of c2, download_c2 and upload_c2 and much much more
contentr = "client_id;os;command:output\n"
contentr += f"{client_id};{client};{command};{output}\n"
csv_file = f"sessions/{client_id}.log"
file_exists = os.path.isfile(csv_file)

Check failure

Code scanning / CodeQL

Uncontrolled data used in path expression High

This path depends on a user-provided value.

Copilot Autofix AI 3 months ago

To fix the problem, we need to validate and sanitize the client_id before using it to construct the file path. We can use a combination of normalization and validation to ensure that the constructed path is within the intended directory. Specifically, we will:

  1. Normalize the path using os.path.normpath to remove any ".." segments.
  2. Ensure that the normalized path starts with the intended base directory (sessions).

Suggested changeset 1: lazyc2.py

Autofix patch

Run the following command in your local git repository to apply this patch:
cat << 'EOF' | git apply
diff --git a/lazyc2.py b/lazyc2.py
--- a/lazyc2.py
+++ b/lazyc2.py
@@ -138,3 +138,6 @@
                 contentr +=  f"{client_id};{client};{command};{output}\n"
-                csv_file = f"sessions/{client_id}.log"
+                base_path = 'sessions'
+                csv_file = os.path.normpath(os.path.join(base_path, f"{client_id}.log"))
+                if not csv_file.startswith(base_path):
+                    raise Exception("Invalid client_id")
                 file_exists = os.path.isfile(csv_file)
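Review bot: the `csv_file.startswith(base_path)` test on the added `if` line is a string-prefix comparison, not a directory-containment check, so a `client_id` that normalizes to a sibling path such as `sessions_old/x.log` still passes. Compare whole path components instead, for example `os.path.commonpath([base, csv_file]) == base` with both sides made absolute, or test against `base_path + os.sep`. Raising a bare `Exception` also makes the failure hard to catch selectively; `ValueError` fits better.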
EOF
@@ -138,3 +138,6 @@
contentr += f"{client_id};{client};{command};{output}\n"
csv_file = f"sessions/{client_id}.log"
base_path = 'sessions'
csv_file = os.path.normpath(os.path.join(base_path, f"{client_id}.log"))
if not csv_file.startswith(base_path):
raise Exception("Invalid client_id")
file_exists = os.path.isfile(csv_file)
Copilot is powered by AI and may make mistakes. Always verify output.
contentr += f"{client_id};{client};{command};{output}\n"
csv_file = f"sessions/{client_id}.log"
file_exists = os.path.isfile(csv_file)
with open(csv_file, 'a', newline='') as f:

Check failure

Code scanning / CodeQL

Uncontrolled data used in path expression High

This path depends on a user-provided value.

Copilot Autofix AI 3 months ago

To fix the problem, we need to validate and sanitize the client_id before using it to construct the file path. We can use a combination of os.path.normpath and os.path.join to ensure that the constructed path is within the intended directory. Additionally, we can use a regular expression to validate that client_id contains only safe characters (e.g., alphanumeric characters and underscores).

  1. Normalize the client_id using os.path.normpath.
  2. Ensure that the resulting path is within the sessions directory.
  3. Validate client_id using a regular expression to allow only safe characters.

Suggested changeset 1: lazyc2.py

Autofix patch

Run the following command in your local git repository to apply this patch:
cat << 'EOF' | git apply
diff --git a/lazyc2.py b/lazyc2.py
--- a/lazyc2.py
+++ b/lazyc2.py
@@ -138,3 +138,6 @@
                 contentr +=  f"{client_id};{client};{command};{output}\n"
-                csv_file = f"sessions/{client_id}.log"
+                safe_client_id = re.sub(r'[^a-zA-Z0-9_]', '', client_id)
+                csv_file = os.path.normpath(os.path.join('sessions', f"{safe_client_id}.log"))
+                if not csv_file.startswith(os.path.abspath('sessions')):
+                    raise Exception("Invalid client_id")
                 file_exists = os.path.isfile(csv_file)
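Review bot: on the added `if not csv_file.startswith(os.path.abspath('sessions'))` line, `csv_file` is a relative path built by `os.path.normpath(os.path.join('sessions', ...))` while the right-hand side is absolute, so the prefix test is false for every input and the code always raises "Invalid client_id". Build both sides the same way, for example by wrapping the joined path in `os.path.abspath` as well. Separately, `re.sub` rewrites the id silently: distinct ids can collapse to the same file name, and an id with no allowed characters becomes `.log`, so rejecting non-matching ids is safer than stripping them. The hunk also uses `re` without showing an import; confirm `import re` is present in lazyc2.py.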
EOF
@@ -138,3 +138,6 @@
contentr += f"{client_id};{client};{command};{output}\n"
csv_file = f"sessions/{client_id}.log"
safe_client_id = re.sub(r'[^a-zA-Z0-9_]', '', client_id)
csv_file = os.path.normpath(os.path.join('sessions', f"{safe_client_id}.log"))
if not csv_file.startswith(os.path.abspath('sessions')):
raise Exception("Invalid client_id")
file_exists = os.path.isfile(csv_file)
@grisuno grisuno merged commit dd539f2 into main Dec 23, 2024
2 of 3 checks passed
@grisuno grisuno deleted the dev6 branch December 23, 2024 03:31
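
The validation that the two Autofix comments above describe (normalize, confirm the path stays inside `sessions`, allow only safe characters), written out as an added example; it is not code from lazyc2.py or from the Autofix suggestions. The function names, the allowlist and its 64-character limit are assumptions, and `prefix_check` reproduces the `startswith` test from the first suggestion only for comparison.

```python
import os
import re
import tempfile

# Allowlist for identifiers; the character set and length limit are assumptions.
_CLIENT_ID_RE = re.compile(r"[A-Za-z0-9_]{1,64}")


def prefix_check(base, client_id):
    """The startswith() test from the first suggested patch, for comparison."""
    path = os.path.normpath(os.path.join(base, f"{client_id}.log"))
    return path.startswith(base)


def session_log_path(base, client_id):
    """Return the log path for client_id, or raise ValueError.

    Rejects (rather than rewrites) ids outside the allowlist, then confirms
    the resolved path is still inside the resolved base directory.
    """
    if not isinstance(client_id, str) or not _CLIENT_ID_RE.fullmatch(client_id):
        raise ValueError("invalid client_id")
    real_base = os.path.realpath(base)
    candidate = os.path.realpath(os.path.join(real_base, f"{client_id}.log"))
    # commonpath compares whole path components, not string prefixes.
    if os.path.commonpath([real_base, candidate]) != real_base:
        raise ValueError("client_id resolves outside the sessions directory")
    return candidate


def is_accepted(base, client_id):
    """True if session_log_path() accepts the id, False if it rejects it."""
    try:
        session_log_path(base, client_id)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        base = os.path.join(tmp, "sessions")
        os.mkdir(base)
        # Constructed sample ids: one well-formed, three malformed.
        for cid in ["abc_123", "../sessions_old/x", "../../etc/x", ""]:
            print(repr(cid), "prefix:", prefix_check(base, cid),
                  "allowlist+commonpath:", is_accepted(base, cid))
```
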