feature: make start_local/start_exe work reliably

.gitignore

@@ -15,4 +15,5 @@ out/
 tools/
 doc/
 *.pickle
-logs/
+logs/
+app/projects/*

app/templates/project.html

@@ -79,28 +79,34 @@
                     >{{value}}</option>
                     {% endfor %}
                 </select>
-    
             </div>
 
             <div class="col-3">
                 <div class="row">
-                    <button class="btn btn-primary" type="submit" value="save">Save</button>
+                    <button class="btn btn-primary" type="submit" value="save">Save Settings</button>
                     </form>
                 </div>
 
                 <div class="row">
-                <div class="d-flex">
-                    <form method="POST" enctype="multipart/form-data" action="/start_project">
+                    <form method="POST" enctype="multipart/form-data" action="/build_project">
                         <input type="hidden" name="project_name" value="{{project_name}}">
-
-                        <button class="btn btn-primary" type="submit" value="start">Start</button>
-
-                        <input class="form-check-input" name="try_start" type="checkbox" value="checked" id="flexCheckDefault" checked>
-                        <label class="form-check-label" for="flexCheckDefault">
-                            Start Infected Exe
-                        </label>
+                        <button class="btn btn-primary" type="submit" value="start">Build</button>
                     </form>
                 </div>
+                
+                <div class="row">
+                    <div class="col-6">
+                        <form method="POST" enctype="multipart/form-data" action="/exec_project">
+                            <input type="hidden" name="project_name" value="{{project_name}}">
+                            <button class="btn btn-primary" type="submit" value="start">Start Local</button>
+                        </form>
+                    </div>
+                    <div class="col-6">
+                        <form method="POST" enctype="multipart/form-data" action="/exec_project?remote=true">
+                            <input type="hidden" name="project_name" value="{{project_name}}">
+                            <button class="btn btn-primary" type="submit" value="start">Start Remote</button>
+                        </form>
+                    </div>
                 </div>
             </div>
         </div>

app/views.py

@@ -16,6 +16,9 @@ from model.settings import Settings
 from model.defs import *
 from supermega import start
 from app.storage import storage, Project
+from sender import scannerDetectsBytes
+from phases.injector import verify_injected_exe
+from helper import run_process_checkret
 
 views = Blueprint('views', __name__)
 
@@ -25,6 +28,9 @@ config.load()
 thread_running = False
 
 
+logger = logging.getLogger("Views")
+
+
 @views.route("/")
 def index():
     return render_template('index.html', data=storage.data)
@@ -78,7 +84,7 @@ def add_project():
             settings.try_start_final_infected_exe = False
 
         settings.inject_exe_in = "app/upload/exe/" + request.form['exe']
-        settings.inject_exe_out = "app/upload/infected/" + request.form['exe'] + ".injected"
+        settings.inject_exe_out = "app/upload/infected/" + request.form['exe'].replace(".exe", ".infected.exe")
 
         source_style = request.form['source_style']
         settings.source_style = SourceStyle[source_style]
@@ -102,6 +108,8 @@ def add_project():
         else:
             # add new project
             project = Project(project_name, settings)
+            project.project_dir = "app/projects/{}".format(project_name)
+            project.project_exe = request.form['exe'].replace(".exe", ".infected.exe")
             project.settings = settings
             settings.project_name = project_name
             storage.add_project(project)
@@ -134,34 +142,31 @@ def add_project():
         )
 
 
-def supermega_thread(settings: Settings, project_name: str):
+def supermega_thread(project: Project):
     global thread_running
-    start(settings)
+    start(project.settings)
     thread_running = False
 
     # copy generated file to project folder
-    file_basename = os.path.basename(settings.inject_exe_out)
+    file_basename = os.path.basename(project.settings.inject_exe_out)
+    project.project_exe = file_basename
+    dest = "app/projects/{}/{}".format(project.name, file_basename)
+    logger.info("Copy {} to project folder {}".format(project.settings.inject_exe_out, dest))
     shutil.copy(
-        settings.inject_exe_out,
-        "app/projects/{}/{}".format(project_name, file_basename)
+        project.settings.inject_exe_out,
+        dest,
     )
 
 
-@views.route("/start_project", methods=['POST', 'GET'])
-def start_project():
+@views.route("/build_project", methods=['POST', 'GET'])
+def build_project():
     global thread_running
 
-    #project_name = request.args.get('project_name')
     project_name = request.form.get('project_name')
-    try_start = request.form.get('try_start')
-    if try_start != None:
-        try_start = True
-    else:
-        try_start = False
     project = storage.get_project(project_name)
-    project.settings.try_start_final_infected_exe = try_start
+    project.settings.try_start_final_infected_exe = False
 
-    thread = Thread(target=supermega_thread, args=(project.settings, project_name, ))
+    thread = Thread(target=supermega_thread, args=(project, ))
     thread.start()
     thread_running = True
 
@@ -179,6 +184,43 @@ def status_project(project_name):
         return redirect("/project/{}".format(project_name), code=302)
 
 
+@views.route("/exec_project", methods=['POST', 'GET'])
+def start_project():
+    project_name = request.form.get('project_name')
+    project = storage.get_project(project_name)
+    if project == None:
+        return redirect("/", code=302)
+
+    remote = False
+    remote_arg = request.args.get('remote')
+    if remote_arg == "true":
+        remote = True
+
+    if remote:
+        logger.info("--[ Exec {} on server {}".format(project.project_exe, config.get("avred_server")))
+        filepath = "{}/{}".format(project.project_dir, project.project_exe)
+        with open(filepath, "rb") as f:
+            data = f.read()
+        try:
+            scannerDetectsBytes(data, project.project_exe, useBrotli=True, verify=project.settings.verify)
+        except Exception as e:
+            logger.error(f'Error scanning: {e}')
+            return 4
+    else:
+        logger.info("--[ Exec {} locally".format(project.project_exe))
+        # Start/verify it at the end
+        if project.settings.verify:
+            logger.info("--[ Verify infected exe")
+            exit_code = verify_injected_exe(project.settings.inject_exe_out)
+        else:
+            logger.info("--[ Start infected exe: {}".format(project.settings.inject_exe_out))
+            run_process_checkret([
+                project.settings.inject_exe_out,
+            ], check=False)
+
+    return redirect("/project/{}".format(project_name), code=302)
+
+
 def get_logfiles():
     log_files = []
     id = 0

model/project.py

@@ -18,6 +18,9 @@ class Project():
         self.exe_host: ExeHost = ExeHost(self.settings.inject_exe_in)
         self.carrier: Carrier = Carrier()
 
+        self.project_dir: str = ""
+        self.project_exe: str = ""
+
 
     def init(self):
         self.payload.init()

supermega.py

@@ -187,14 +187,15 @@ def start(settings: Settings):
     observer.add_code("exe_final", extract_code_from_exe_file_ep(settings.inject_exe_out, 300))
 
     if config.get("avred_server") != "":
-        filename = os.path.basename(settings.inject_exe_in)
-        with open(settings.inject_exe_out, "rb") as f:
-            data = f.read()
-        try:
-            scannerDetectsBytes(data, filename, useBrotli=True, verify=settings.verify)
-        except Exception as e:
-            logger.error(f'Error scanning: {e}')
-            return 4
+        if settings.verify or settings.try_start_final_infected_exe:
+            filename = os.path.basename(settings.inject_exe_in)
+            with open(settings.inject_exe_out, "rb") as f:
+                data = f.read()
+            try:
+                scannerDetectsBytes(data, filename, useBrotli=True, verify=settings.verify)
+            except Exception as e:
+                logger.error(f'Error scanning: {e}')
+                return 4
     else:
         # Start/verify it at the end
         if settings.verify: