├── README.md ├── assets ├── image-20230307093032359.png ├── image-20230307093119027.png ├── image-20230307093211722.png └── image-20240104111644639.png ├── build.bat ├── cmd ├── ReadandWrite.go ├── encode.go ├── flag.go └── root.go ├── go.mod ├── go.sum └── main.go /README.md: -------------------------------------------------------------------------------- 1 | ## 前言 2 | 3 | ​ 每当获取一个命令执行,但是服务器不出网,不能进行远程下载,或者写木马有限制,命令长度也有限制的苛刻条件下,可使用该工具进行木马分割,一键生成写入命令和合并或者追加命令写入木马; 4 | 5 | ​ windows在苛刻条件下也可以分段写入文本,再合并写入二进制文件,具体可以与Certutil配合,将二进制文件转换为txt,再分段写入后合并还原二进制文件; 6 | 7 | ## 功能介绍 8 | 9 | ``` 10 | -e string 11 | 指定base64编码文件 12 | -f string 13 | 指定分割的文本 14 | -n int 15 | 设置长度进行切割,默认64 (default 64) 16 | 17 | ``` 18 | 19 | 20 | 21 | ​ 1、根据文件后缀进行分割: 22 | 23 | ``` 24 | 当文件是txt时,会直接分割成几个txt 25 | ./Split_tools -f 1.txt 26 | 27 | 当文件是木马后缀时,会分割后生成写入命令 28 | ./Split_tools -f 1.jsp 29 | ``` 30 | 31 | 分割txt: 32 | 33 | ![image-20230307093119027](./assets/image-20230307093119027.png) 34 | 35 | ![image-20230307093211722](./assets/image-20230307093211722.png) 36 | 37 | 38 | 39 | 分割木马: 40 | 41 | ![image-20230307093032359](./assets/image-20230307093032359.png) 42 | 43 | ​ 2、可设置分割的长度 44 | 45 | ``` 46 | ./Split_tools -f 1.txt -n 64 47 | ``` 48 | 49 | ​ 3、可对文件进行base64编码 50 | ``` 51 | 编码文件后,将生成./results/enbase64.txt文件 52 | 上传编码文件后,结合certutil -decode xxx.txt xxx.exe命令进行还原; 53 | ``` 54 | 55 | ![image-20240104111644639](./assets/image-20240104111644639.png) 56 | 57 | ## 注意: 58 | 59 | ``` 60 | 目标服务器为windows时,分割的内容中如有双引号,需要闭合才能写入; 61 | 或将内容进行base64编码,分段写入后用Certutil解码。 62 | ``` 63 | 64 | ## 更新记录: 65 | ``` 66 | [+] 2024.1.4 新增base64文件编码、输出分割命令文件 67 | ``` 68 | 69 | -------------------------------------------------------------------------------- /assets/image-20230307093032359.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/corunb/Split_tools/60a7527bec7d4f00927dacb0ef79735ae11eac17/assets/image-20230307093032359.png -------------------------------------------------------------------------------- /assets/image-20230307093119027.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/corunb/Split_tools/60a7527bec7d4f00927dacb0ef79735ae11eac17/assets/image-20230307093119027.png -------------------------------------------------------------------------------- /assets/image-20230307093211722.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/corunb/Split_tools/60a7527bec7d4f00927dacb0ef79735ae11eac17/assets/image-20230307093211722.png -------------------------------------------------------------------------------- /assets/image-20240104111644639.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/corunb/Split_tools/60a7527bec7d4f00927dacb0ef79735ae11eac17/assets/image-20240104111644639.png -------------------------------------------------------------------------------- /build.bat: -------------------------------------------------------------------------------- 1 | ::mac 2 | SET CGO_ENABLED=0 3 | SET GOOS=darwin 4 | SET GOARCH=amd64 5 | go build -ldflags="-s -w" -trimpath -o Split_tools_darwin main.go 6 | ::m1 7 | SET CGO_ENABLED=0 8 | SET GOOS=darwin 9 | SET GOARCH=arm64 10 | go build -ldflags="-s -w" -trimpath -o Split_tools_m1 main.go 11 | ::linux 12 | SET CGO_ENABLED=0 13 | SET GOOS=linux 14 | SET GOARCH=amd64 15 | go build -ldflags="-s -w" -trimpath -o Split_tools_linux main.go 16 | ::win 17 | SET CGO_ENABLED=0 18 | SET GOOS=windows 19 | SET GOARCH=amd64 20 | go build -ldflags="-s -w" -trimpath -o Split_tools.exe main.go -------------------------------------------------------------------------------- /cmd/ReadandWrite.go: -------------------------------------------------------------------------------- 1 | package cmd 2 | 3 | import ( 4 | "fmt" 5 | "io/ioutil" 6 | "os" 7 | "strconv" 8 | ) 9 | 10 | // ReadFile 读取文件列表返回数组 11 | func ReadFile(File string) string { 12 | f, err := os.Open(File) 13 | if err != nil { 14 | fmt.Println("read file fail", err) 15 | return "" 16 | } 17 | 18 | fd, err := ioutil.ReadAll(f) 19 | if err != nil { 20 | fmt.Println("read to fd fail", err) 21 | return "" 22 | } 23 | 24 | return string(fd) 25 | } 26 | 27 | // Write 写文件 28 | func Write(output string, number int) { 29 | //创建文件夹 30 | _ = os.Mkdir("./results", os.ModePerm) 31 | var filename string 32 | if number >= 1 { 33 | filename = "./results/" + strconv.Itoa(number) + ".txt" 34 | } else if number == 0 { 35 | filename = "./results/" + "log.txt" 36 | } else { 37 | filename = "./results/" + "enbase64.txt" 38 | } 39 | 40 | file, err := os.OpenFile(filename, os.O_CREATE|os.O_WRONLY|os.O_APPEND, 0644) 41 | if err != nil { 42 | fmt.Printf("文件错误,错误为:%v\n", err) 43 | return 44 | } 45 | str := []byte(output) 46 | _, _ = file.Write(str) //将str字符串的内容写到文件中,强制转换为byte,因为Write接收的是byte。 47 | } 48 | -------------------------------------------------------------------------------- /cmd/encode.go: -------------------------------------------------------------------------------- 1 | package cmd 2 | 3 | import "encoding/base64" 4 | 5 | func EnBase64() { 6 | en64 := ReadFile(EncodeFile) 7 | //base64压缩 8 | sourcestring := base64.StdEncoding.EncodeToString([]byte(en64)) 9 | Write(sourcestring, -1) 10 | } 11 | -------------------------------------------------------------------------------- /cmd/flag.go: -------------------------------------------------------------------------------- 1 | package cmd 2 | 3 | import ( 4 | "flag" 5 | "github.com/gookit/color" 6 | ) 7 | 8 | var Number int 9 | var File string 10 | var EncodeFile string 11 | 12 | func init() { 13 | flag.IntVar(&Number, "n", 64, "设置长度进行切割,默认32") 14 | flag.StringVar(&File, "f", "", "指定分割的文本") 15 | flag.StringVar(&EncodeFile, "e", "", "指定base64编码文件") 16 | flag.Parse() 17 | 18 | logo := ` 19 | ____ _ _ _ _ _ 20 | / ___| _ __ | (_) |_ | |_ ___ ___ | |___ 21 | \___ \| '_ \| | | __| | __/ _ \ / _ \| / __| 22 | ___) | |_) | | | |_ | || (_) | (_) | \__ \ 23 | |____/| .__/|_|_|\__|___\__\___/ \___/|_|___/ 24 | |_| |_____| 25 | 26 | [+] code by Corun V1.1 27 | [+] https://github.com/corunb/Split_tools 28 | ` 29 | color.HiGreen.Println(logo) 30 | 31 | } 32 | -------------------------------------------------------------------------------- /cmd/root.go: -------------------------------------------------------------------------------- 1 | package cmd 2 | 3 | import ( 4 | "bytes" 5 | "fmt" 6 | "github.com/gookit/color" 7 | "path" 8 | "strconv" 9 | "strings" 10 | ) 11 | 12 | func Run() { 13 | if File != "" { 14 | //判断文件后缀类型是不是txt 15 | if strings.Contains(Filename(File), ".txt") == true { 16 | Partition() 17 | } else { 18 | Partitions(ReadFile(File), Number) 19 | } 20 | } else if EncodeFile != "" { 21 | EnBase64() 22 | color.HiGreen.Println("[+] 编码文件成功,请见results目录!") 23 | color.HiGreen.Println("上传base64编码后的文件可使用还原命令:" + 24 | "certutil -decode test.txt test.exe\n") 25 | 26 | } else { 27 | fmt.Println("啥也没有,干点啥呢!!") 28 | } 29 | 30 | } 31 | 32 | // Partitions 分割木马文件并生成写入命令 33 | func Partitions(str string, Number int) { 34 | //newstrs := strings.Replace(str, `"`, `%22`, -1) 35 | wins := SplitSubN(str, Number) 36 | fmt.Println("windows写入多个文件后合并命令:") 37 | Write("windows写入多个文件后合并命令:\n", 0) 38 | 39 | var winstr []string 40 | for i := 0; i < len(wins); i++ { 41 | req := "echo|set /p=\"" + wins[i] + "\">" + strconv.Itoa(i) + ".txt" 42 | winstr = append(winstr, req) 43 | } 44 | for _, v := range winstr { 45 | fmt.Println(v) 46 | Write(v+"\n", 0) 47 | } 48 | fmt.Println("使用copy命令合并文件!") 49 | color.HiGreen.Println("示例:copy 0.txt + 1.txt out.txt!") 50 | Write("使用copy命令合并文件!\n", 0) 51 | Write("示例:copy 0.txt + 1.txt out.txt!\n", 0) 52 | fmt.Println() 53 | fmt.Println("windows追加字符:") 54 | Write("windows追加字符:\n", 0) 55 | var winstrs []string 56 | for i := 0; i < len(wins); i++ { 57 | req := "echo|set /p=\"" + wins[i] + "\">>" + "test" + Filename(File) 58 | winstrs = append(winstrs, req) 59 | } 60 | for _, v := range winstrs { 61 | fmt.Println(v) 62 | Write(v+"\n", 0) 63 | } 64 | fmt.Println("================================================================") 65 | Write("================================================================\n", 0) 66 | 67 | //________________________________________________________________ 68 | 69 | newlinuxstrs := strings.Replace(str, `'`, `"`, -1) 70 | lins := SplitSubN(newlinuxstrs, Number) 71 | fmt.Println() 72 | fmt.Println("linux追加写入命令:") 73 | Write("linux追加写入命令:\n", 0) 74 | var linstr []string 75 | for i := 0; i < len(lins); i++ { 76 | req := "echo -n '" + lins[i] + "' >>" + "1.txt" 77 | linstr = append(linstr, req) 78 | } 79 | for _, v := range linstr { 80 | fmt.Println(v) 81 | Write(v+"\n", 0) 82 | } 83 | 84 | fmt.Printf("\nlinux写入多个文件后合并:\n") 85 | Write("linux写入多个文件后合并:\n", 0) 86 | linsr := SplitSubN(str, Number) 87 | fmt.Println("linux分割写入后合并命令:") 88 | Write("linux分割写入后合并命令:\n", 0) 89 | var linstrs []string 90 | for i := 0; i < len(linsr); i++ { 91 | //fmt.Println("echo '"+ lins[i] +"' >" + strconv.Itoa(i) + ".txt") 92 | req := "echo -n '" + linsr[i] + "' >" + strconv.Itoa(i) + ".txt" 93 | linstrs = append(linstrs, req) 94 | } 95 | for _, v := range linstrs { 96 | fmt.Println(v) 97 | Write(v+"\n", 0) 98 | } 99 | //fmt.Printf("示例命令:paste -d '' 1.txt 2.txt > 3.txt\n") 100 | color.HiGreen.Printf("合并文件示例命令:paste -d '' 1.txt 2.txt > 3.txt\n") 101 | Write("合并文件示例命令:paste -d '' 1.txt 2.txt > 3.txt\n", 0) 102 | 103 | } 104 | 105 | // Partition 分割txt文件 106 | func Partition() { 107 | str := SplitSubN(ReadFile(File), Number) 108 | fmt.Printf("分割为 %v 个\n", len(str)) 109 | for i, v := range str { 110 | fmt.Println(v) 111 | Write(v, i) 112 | } 113 | } 114 | 115 | // SplitSubN 按照长度切割字符串 116 | func SplitSubN(s string, n int) []string { 117 | var sub string 118 | var subs []string 119 | 120 | runes := bytes.Runes([]byte(s)) 121 | l := len(runes) 122 | for i, r := range runes { 123 | sub = sub + string(r) 124 | if (i+1)%n == 0 { 125 | subs = append(subs, sub) 126 | sub = "" 127 | } else if (i + 1) == l { 128 | subs = append(subs, sub) 129 | } 130 | } 131 | return subs 132 | } 133 | 134 | // Filename 读取文件后缀 135 | func Filename(File string) string { 136 | 137 | filenameWithSuffix := path.Base(File) 138 | fileSuffix := path.Ext(filenameWithSuffix) 139 | 140 | return fileSuffix 141 | } 142 | -------------------------------------------------------------------------------- /go.mod: -------------------------------------------------------------------------------- 1 | module Split_tools 2 | 3 | go 1.19 4 | 5 | require github.com/gookit/color v1.5.2 6 | 7 | require ( 8 | github.com/xo/terminfo v0.0.0-20210125001918-ca9a967f8778 // indirect 9 | golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44 // indirect 10 | ) 11 | -------------------------------------------------------------------------------- /go.sum: -------------------------------------------------------------------------------- 1 | github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= 2 | github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= 3 | github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= 4 | github.com/gookit/color v1.5.2 h1:uLnfXcaFjlrDnQDT+NCBcfhrXqYTx/rcCa6xn01Y8yI= 5 | github.com/gookit/color v1.5.2/go.mod h1:w8h4bGiHeeBpvQVePTutdbERIUf3oJE5lZ8HM0UgXyg= 6 | github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= 7 | github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= 8 | github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= 9 | github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= 10 | github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= 11 | github.com/stretchr/testify v1.8.0 h1:pSgiaMZlXftHpm5L7V1+rVB+AZJydKsMxsQBIJw4PKk= 12 | github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= 13 | github.com/xo/terminfo v0.0.0-20210125001918-ca9a967f8778 h1:QldyIu/L63oPpyvQmHgvgickp1Yw510KJOqX7H24mg8= 14 | github.com/xo/terminfo v0.0.0-20210125001918-ca9a967f8778/go.mod h1:2MuV+tbUrU1zIOPMxZ5EncGwgmMJsa+9ucAQZXxsObs= 15 | golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44 h1:Bli41pIlzTzf3KEY06n+xnzK/BESIg2ze4Pgfh/aI8c= 16 | golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= 17 | gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= 18 | gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= 19 | gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= 20 | gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= 21 | -------------------------------------------------------------------------------- /main.go: -------------------------------------------------------------------------------- 1 | package main 2 | 3 | import ( 4 | "Split_tools/cmd" 5 | ) 6 | 7 | func main() { 8 | cmd.Run() 9 | } 10 | 11 | --------------------------------------------------------------------------------