diff options
| author | Bryan McNulty <bryan@falconops.com> | 2025-04-24 14:35:13 -0500 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2025-04-24 14:35:13 -0500 |
| commit | 893580cbd93cd066988ce828f5615ceca509b4a6 (patch) | |
| tree | 177328a2d20d5451e10d99b3a0a550786c83acd4 | |
| parent | 212d6e79f6d77109d20b98c2f08fbff0e8895b9f (diff) | |
| parent | 686e6325870b501c9fda2493599a7c11f573521b (diff) | |
| download | goexec-893580cbd93cd066988ce828f5615ceca509b4a6.tar.gz goexec-893580cbd93cd066988ce828f5615ceca509b4a6.zip | |
Merge pull request #2 from dev branch
Fix Kerberos w/ proxy dialer; Add Go build workflow
| -rw-r--r-- | .github/workflows/go.yml | 28 | ||||
| -rw-r--r-- | TODO.md | 7 | ||||
| -rw-r--r-- | pkg/goexec/dce/options.go | 21 | ||||
| -rw-r--r-- | pkg/goexec/smb/options.go | 3 |
4 files changed, 48 insertions, 11 deletions
diff --git a/.github/workflows/go.yml b/.github/workflows/go.yml new file mode 100644 index 0000000..09a5b81 --- /dev/null +++ b/.github/workflows/go.yml @@ -0,0 +1,28 @@ +# This workflow will build a golang project +# For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-go + +name: Go + +on: + push: + branches: [ "main" ] + pull_request: + branches: [ "main" ] + +jobs: + + build: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + + - name: Set up Go + uses: actions/setup-go@v4 + with: + go-version: '1.24' + + - name: Build + run: go build -v ./... + + - name: Test + run: go test -v ./... @@ -11,7 +11,7 @@ ## SCMR -- [X] Clean up SCMR module +- [X] Clean up SCMR module - [X] add dynamic string binding support - [X] general cleanup. Use TSCH & WMI as reference - [ ] Output @@ -39,8 +39,9 @@ ## Bug Fixes -- [X] Fix SMB transport for SCMR module - `rpc_s_cannot_support: The requested operation is not supported.` -- [X] Fix proxy - EPM doesn't use the proxy dialer +- [X] (Fixed) SMB transport for SCMR module - `rpc_s_cannot_support: The requested operation is not supported.` +- [X] (Fixed) Proxy - EPM doesn't use the proxy dialer +- [X] (Fixed) Kerberos requests don't dial through proxy - [ ] Fix SCMR `change` method so that dependencies field isn't permanently overwritten ## Lower Priority diff --git a/pkg/goexec/dce/options.go b/pkg/goexec/dce/options.go index b554009..d11a157 100644 --- a/pkg/goexec/dce/options.go +++ b/pkg/goexec/dce/options.go @@ -6,6 +6,7 @@ import ( "github.com/FalconOpsLLC/goexec/pkg/goexec" "github.com/RedTeamPentesting/adauth/dcerpcauth" "github.com/oiweiwei/go-msrpc/dcerpc" + "net" ) type Options struct { @@ -34,7 +35,7 @@ type Options struct { Smb bool `json:"use_smb" yaml:"use_smb"` stringBindings []*dcerpc.StringBinding - dialer dcerpc.Dialer + dialer goexec.Dialer authOptions []dcerpc.Option DcerpcOptions []dcerpc.Option EpmOptions []dcerpc.Option @@ -90,20 +91,26 @@ func (c *Client) Parse(ctx context.Context) (err error) { if c.Proxy != "" { // Parse proxy URL - d, err := goexec.ParseProxyURI(c.Proxy) + c.dialer, err = goexec.ParseProxyURI(c.Proxy) if err != nil { return err } - var ok bool - if c.dialer, ok = d.(dcerpc.Dialer); !ok { + if d, ok := c.dialer.(dcerpc.Dialer); !ok { return fmt.Errorf("cannot cast %T to dcerpc.Dialer", d) + + } else { + c.DcerpcOptions = append(c.DcerpcOptions, dcerpc.WithDialer(d)) + c.EpmOptions = append(c.EpmOptions, dcerpc.WithDialer(d)) } - c.DcerpcOptions = append(c.DcerpcOptions, dcerpc.WithDialer(c.dialer)) - c.EpmOptions = append(c.EpmOptions, dcerpc.WithDialer(c.dialer)) + + } else { + c.dialer = &net.Dialer{} } // Parse authentication parameters - if c.authOptions, err = dcerpcauth.AuthenticationOptions(ctx, c.Credential, c.Target, &dcerpcauth.Options{}); err != nil { + if c.authOptions, err = dcerpcauth.AuthenticationOptions(ctx, c.Credential, c.Target, &dcerpcauth.Options{ + KerberosDialer: c.dialer, // Use the same net dialer as dcerpc + }); err != nil { return fmt.Errorf("parse auth c: %w", err) } diff --git a/pkg/goexec/smb/options.go b/pkg/goexec/smb/options.go index 0c2ffb6..4112abf 100644 --- a/pkg/goexec/smb/options.go +++ b/pkg/goexec/smb/options.go @@ -85,7 +85,8 @@ func (c *Client) Parse(ctx context.Context) (err error) { // Validate authentication parameters c.dialer, err = smbauth.Dialer(ctx, c.Credential, c.Target, &smbauth.Options{ - SMBOptions: do, + KerberosDialer: c.netDialer, + SMBOptions: do, }) if err != nil { |