├── .gitignore ├── go.mod ├── html ├── favicon.ico └── rhythm.gif ├── main.go ├── protocol └── httpServer.go ├── readme.md └── user.json /.gitignore: -------------------------------------------------------------------------------- 1 | # If you prefer the allow list template instead of the deny list, see community template: 2 | # https://github.com/github/gitignore/blob/main/community/Golang/Go.AllowList.gitignore 3 | # 4 | # Binaries for programs and plugins 5 | *.exe 6 | *.exe~ 7 | *.dll 8 | *.so 9 | *.dylib 10 | 11 | # Test binary, built with `go test -c` 12 | *.test 13 | 14 | # Output of the go coverage tool, specifically when used with LiteIDE 15 | *.out 16 | 17 | # Dependency directories (remove the comment below to include it) 18 | # vendor/ 19 | 20 | # Go workspace file 21 | go.work 22 | go.work.sum 23 | 24 | # env file 25 | .env 26 | -------------------------------------------------------------------------------- /go.mod: -------------------------------------------------------------------------------- 1 | module server 2 | 3 | go 1.22.0 4 | -------------------------------------------------------------------------------- /html/favicon.ico: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Mazzy-Stars/lain_c2/a653f356935d9cb1e78a254339560c842dd26f0c/html/favicon.ico -------------------------------------------------------------------------------- /html/rhythm.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Mazzy-Stars/lain_c2/a653f356935d9cb1e78a254339560c842dd26f0c/html/rhythm.gif -------------------------------------------------------------------------------- /protocol/httpServer.go: -------------------------------------------------------------------------------- 1 | package protocol 2 | 3 | import ( 4 | "crypto/tls" 5 | "fmt" 6 | "io" 7 | "net/http" 8 | "os" 9 | "time" 10 | "strings" 11 | "mime/multipart" 12 | "sync" 13 | ) 14 | var ( 15 | serverMap = make(map[string]*http.Server) 16 | mutex sync.Mutex 17 | ) 18 | type Handler interface { 19 | Index(conn, Get_Msg string) http.HandlerFunc 20 | } 21 | type Putserver interface { 22 | PutServer(port, path, connPath, msgPath, protocol,username,remark string, certFile, keyFile multipart.File, clients int) bool 23 | } 24 | type WLog interface{ 25 | WriteLog(logStr string) 26 | } 27 | func Http_server(handler Handler, ServerManager Putserver, writeLog WLog, port, path, conn_path, GetMsg, protocol, username,remark, defaultCert, defaultKey string, certFile, keyFile multipart.File) { 28 | var err error 29 | var return_str string 30 | 31 | // 确保 path 以 "/" 开头 32 | if !strings.HasPrefix(path, "/") { 33 | path = "/" + path 34 | } 35 | 36 | mux := http.NewServeMux() 37 | mux.HandleFunc(path, func(w http.ResponseWriter, r *http.Request) { 38 | w.Header().Set("Connection", "keep-alive") 39 | handler.Index(conn_path, GetMsg).ServeHTTP(w, r) 40 | }) 41 | if protocol == "http" { 42 | server := &http.Server{ 43 | Addr: ":" + port, 44 | Handler: mux, 45 | IdleTimeout: 0, 46 | ReadTimeout: 30 * time.Second, 47 | WriteTimeout: 30 * time.Second, 48 | } 49 | 50 | serverMap[port] = server 51 | 52 | current := time.Now() 53 | formattedTime := current.Format("2006.01.02 15:04") 54 | return_str = fmt.Sprintf("%v [*] Start HTTP server successful, access address :%s%s\n", formattedTime, port, path) 55 | writeLog.WriteLog(return_str) 56 | ServerManager.PutServer(port, path, conn_path, GetMsg, protocol, username,remark, certFile, keyFile, 0) 57 | err = server.ListenAndServe() 58 | if err != nil { 59 | return_str = fmt.Sprintf("FAIL TO START HTTP SERVER: %v\n", err) 60 | writeLog.WriteLog(return_str) 61 | } 62 | } else if protocol == "https" { 63 | var cert tls.Certificate 64 | var certBytes, keyBytes []byte 65 | 66 | // 检查是否提供了 certFile 和 keyFile 67 | if certFile != nil && keyFile != nil { 68 | certBytes, err = loadCertificate(certFile) 69 | if err != nil { 70 | return_str = fmt.Sprintf("[*] Failed to load provided certificate: %v\n", err) 71 | writeLog.WriteLog(return_str) 72 | } 73 | keyBytes, err = loadKey(keyFile) 74 | if err != nil { 75 | return_str = fmt.Sprintf("[*] Failed to load provided key: %v\n", err) 76 | writeLog.WriteLog(return_str) 77 | } 78 | } else { 79 | // 使用默认证书 80 | certBytes = []byte(defaultCert) 81 | keyBytes = []byte(defaultKey) 82 | return_str = "[*] Using default certificate and key\n" 83 | writeLog.WriteLog(return_str) 84 | ServerManager.PutServer(port, path, conn_path, GetMsg, protocol,username,remark, nil, nil, 0) 85 | } 86 | 87 | // 创建临时文件存储证书和私钥 88 | certPath, err := writeTempFile(certBytes) 89 | if err != nil { 90 | return_str = fmt.Sprintf("[*] Failed to write certificate to temp file: %v\n", err) 91 | writeLog.WriteLog(return_str) 92 | } 93 | keyPath, err := writeTempFile(keyBytes) 94 | if err != nil { 95 | return_str = fmt.Sprintf("[*] Failed to write key to temp file: %v\n", err) 96 | writeLog.WriteLog(return_str) 97 | } 98 | 99 | cert, err = tls.LoadX509KeyPair(certPath, keyPath) 100 | if err != nil { 101 | return_str = fmt.Sprintf("[*] Failed to load certificate from file: %v\n", err) 102 | writeLog.WriteLog(return_str) 103 | } 104 | 105 | tlsConfig := &tls.Config{ 106 | MinVersion: tls.VersionTLS12, 107 | GetCertificate: func(chi *tls.ClientHelloInfo) (*tls.Certificate, error) { return &cert, nil }, 108 | ClientAuth: tls.NoClientCert, 109 | InsecureSkipVerify: true, 110 | } 111 | 112 | server := &http.Server{ 113 | Addr: ":" + port, 114 | Handler: mux, 115 | IdleTimeout: 0, 116 | ReadTimeout: 30 * time.Second, 117 | WriteTimeout: 30 * time.Second, 118 | TLSConfig: tlsConfig, 119 | } 120 | 121 | serverMap[port] = server 122 | 123 | current := time.Now() 124 | formattedTime := current.Format("2006.01.02 15:04") 125 | return_str = fmt.Sprintf("%v [*] Start HTTPS server successful, access address :%s%s\n", formattedTime, port, path) 126 | writeLog.WriteLog(return_str) 127 | 128 | ServerManager.PutServer(port, path, conn_path, GetMsg, protocol, username,remark, certFile, keyFile, 0) 129 | err = server.ListenAndServeTLS(certPath, keyPath) 130 | if err != nil { 131 | return_str = fmt.Sprintf("FAIL TO START HTTPS SERVER: %v\n", err) 132 | writeLog.WriteLog(return_str) 133 | } 134 | } 135 | } 136 | func StopServer(port string) { 137 | mutex.Lock() 138 | defer mutex.Unlock() 139 | if server, exists := serverMap[port]; exists { 140 | server.Close() 141 | delete(serverMap, port) 142 | } 143 | } 144 | 145 | 146 | // 将证书文件流写入临时文件 147 | func writeTempFile(fileBytes []byte) (string, error) { 148 | tempFile, err := os.CreateTemp("", "cert_*.pem") 149 | if err != nil { 150 | return "", err 151 | } 152 | defer tempFile.Close() 153 | 154 | _, err = tempFile.Write(fileBytes) 155 | if err != nil { 156 | return "", err 157 | } 158 | 159 | return tempFile.Name(), nil 160 | } 161 | 162 | // 从证书文件流加载证书 163 | func loadCertificate(certFile io.Reader) ([]byte, error) { 164 | certBytes, err := io.ReadAll(certFile) 165 | if err != nil { 166 | return nil, err 167 | } 168 | return certBytes, nil 169 | } 170 | 171 | // 从密钥文件流加载密钥 172 | func loadKey(keyFile io.Reader) ([]byte, error) { 173 | keyBytes, err := io.ReadAll(keyFile) 174 | if err != nil { 175 | return nil, err 176 | } 177 | return keyBytes, nil 178 | } 179 | -------------------------------------------------------------------------------- /readme.md: -------------------------------------------------------------------------------- 1 | ### lain_command-control server 2 | agent it supports platforms such as Windows linux、macos、Android。 The currently supported communication protocols are https \ http 3 | 4 | ### update 5 | 6 | Segmented file transfer 7 | 8 | Custom error response 9 | 10 | web-ui 11 | 12 | sharing host to players 13 | 14 | Custom CSS file 15 | 16 | ### Features 17 | 18 | Multiplayer-mode 19 | 20 | Dynamic-encryption 21 | 22 | Cross-platform 23 | 24 | intranet-information-collection 25 | 26 | File-operation 27 | 28 | web-ui 29 | 30 | ### Getting Started 31 | 32 | ```json 33 | { 34 | "users": [ 35 | { 36 | "username": "username", 37 | "password": "dfb95aac49185dd47f008435" 38 | //Change the password field to md5 encryption and remove the last 8 digits 39 | } 40 | ] 41 | } 42 | ``` 43 | 44 | ```cmd 45 | Usage of C:\Users\ADMINI~1\AppData\Local\Temp\go-build1730305847\b001\exe\server.exe: 46 | -DefaultCert 47 | Use default public and private keys 48 | -cert string 49 | Customize public key path 50 | -css string 51 | Use default css file 52 | -key string 53 | Customize private key path 54 | -p string 55 | Port (default "443") 56 | -resp-error string 57 | web error resp (default "error") 58 | ``` 59 | 60 | ##### sniff host choose port 61 | 62 | ![image-20250404161519853](C:\Users\Administrator\AppData\Roaming\Typora\typora-user-images\image-20250404161519853.png) 63 | 64 | ​ [192.168.1(1,20,45...)or(1-253)] [range(1,20,45...)or(1-65534)] [delay]) 65 | 66 | ##### in Remote Shell 67 | 68 | sniff [net.range(1,20,45...)or(1-253)] [range(1,20,45...)or(1-65534)] [delay]) 69 | 70 | my telegram @huchenfeng666,give a straightforward opinion,any opinions are welcome 71 | -------------------------------------------------------------------------------- /user.json: -------------------------------------------------------------------------------- 1 | { 2 | "users": [ 3 | { 4 | "username": "******", 5 | "time": "2024.07.30 22:26", 6 | "password": "dfb95aac49185dd47f008435" 7 | } 8 | ] 9 | } --------------------------------------------------------------------------------