From ccf3701011eb07891f55c8e100df7819374c4f06 Mon Sep 17 00:00:00 2001
From: b0yd
Date: Wed, 6 Nov 2024 15:26:40 +0000
Subject: [PATCH 1/2] Fixed implant custom HTTP header code
---
 client/assets/c2profiles.go | 4 ++--
 client/command/c2profiles/c2profiles.go | 11 +++++++++++
 .../sliver/transports/httpclient/httpclient.go | 17 ++++++-----------
 server/db/helpers.go | 17 +++++++++++++++++
 4 files changed, 36 insertions(+), 13 deletions(-)
diff --git a/client/assets/c2profiles.go b/client/assets/c2profiles.go
index 4cddcf4938..a86be81da5 100644
--- a/client/assets/c2profiles.go
+++ b/client/assets/c2profiles.go
@@ -35,7 +35,7 @@ type NameValueProbability struct {
 Name string `json:"name"`
 Value string `json:"value"`
 Probability int `json:"probability"`
- Methods []string
+ Methods []string `json:"methods"`
 }
 // HTTPC2ImplantConfig - Implant configuration options
@@ -56,7 +56,7 @@ type HTTPC2ImplantConfig struct {
 NonceQueryArgChars string `json:"nonce_query_args"`
 URLParameters []NameValueProbability `json:"url_parameters"`
- Headers []NameValueProbability `json:"headers"`
+ Headers []NameValueProbability `json:"client_headers"`
 MaxFiles int `json:"max_files"`
 MinFiles int `json:"min_files"`
diff --git a/client/command/c2profiles/c2profiles.go b/client/command/c2profiles/c2profiles.go
index 8437977773..9c8efdc2b6 100644
--- a/client/command/c2profiles/c2profiles.go
+++ b/client/command/c2profiles/c2profiles.go
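Review bot: Renaming the JSON key of `Headers` from `headers` to `client_headers` in `HTTPC2ImplantConfig` (client/assets/c2profiles.go, second hunk) changes what existing profile files decode to. Assuming profiles are read with encoding/json without `DisallowUnknownFields`, a file that still uses `headers` would load with an empty header list and no error. If older profiles are meant to keep working, the loader should accept the old key too or reject it explicitly; at minimum the field deserves a comment such as `// Headers is read from "client_headers"; the former "headers" key is no longer recognised`. The loader is outside this diff, so whether it already handles this is not visible here.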
@@ -453,6 +453,17 @@ func C2ConfigToProtobuf(profileName string, config *assets.HTTPC2Config) *client
 })
 }
+ for _, clientHeader := range config.ImplantConfig.Headers {
+ for _, method := range clientHeader.Methods {
+ httpC2Headers = append(httpC2Headers, &clientpb.HTTPC2Header{
+ Method: method,
+ Name: clientHeader.Name,
+ Value: clientHeader.Value,
+ Probability: int32(clientHeader.Probability),
+ })
+ }
+ }
+
 implantConfig := &clientpb.HTTPC2ImplantConfig{
 UserAgent: config.ImplantConfig.UserAgent,
 ChromeBaseVersion: int32(config.ImplantConfig.ChromeBaseVersion),
diff --git a/implant/sliver/transports/httpclient/httpclient.go b/implant/sliver/transports/httpclient/httpclient.go
index a86552ce10..8eee99b7fc 100644
--- a/implant/sliver/transports/httpclient/httpclient.go
+++ b/implant/sliver/transports/httpclient/httpclient.go
@@ -238,7 +238,7 @@ func (s *SliverHTTPClient) newHTTPRequest(method string, uri *url.URL, body io.R
 Name string
 Value string
 Probability string
- Methods []string
+ Method string
 }
 // HTTP C2 Profile headers
@@ -248,20 +248,15 @@ func (s *SliverHTTPClient) newHTTPRequest(method string, uri *url.URL, body io.R
 Name: "{{$header.Name}}",
 Value: "{{$header.Value}}",
 Probability: "{{$header.Probability}}",
- Methods: []string{
- // {{range $method := $header.Methods}}
- "{{$method}}",
- // {{end}}
- },
+ Method: "{{$header.Method}}",
 },
 // {{end}}
 }
+
 for _, header := range extraHeaders {
- // Empty array means all methods (backwards compatibility)
- if len(header.Methods) > 0 {
- if !contains(header.Methods, method) {
- continue
- }
+
+ if len(header.Method) > 0 && header.Method != method {
+ continue
 }
 // {{if .Config.Debug}}
 log.Printf("Rolling to add HTTP header '%s: %s' (%s)", header.Name, header.Value, header.Probability)
diff --git a/server/db/helpers.go b/server/db/helpers.go
index 869423d60f..6f91a3b75b 100644
--- a/server/db/helpers.go
+++ b/server/db/helpers.go
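Review bot: In `C2ConfigToProtobuf` (client/command/c2profiles/c2profiles.go) a header whose `Methods` list is empty produces no `HTTPC2Header` at all, because the inner `range clientHeader.Methods` loop never runs. The comment this patch deletes from httpclient.go said an empty list meant all methods, and the new check there still treats an empty `Method` as matching every request, so such headers are silently dropped at conversion time. Emitting one entry with an empty method keeps the old meaning: `methods := clientHeader.Methods`, then `if len(methods) == 0 { methods = []string{""} }`, then range over `methods`. The function body starts and ends outside the hunk.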
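Review bot: The method filter in `newHTTPRequest` (implant/sliver/transports/httpclient/httpclient.go, second hunk) compares `header.Method != method` byte for byte, so a profile entry written as `get` never matches a request made with `GET`. Normalising the method once where the profile is converted, or comparing with `strings.EqualFold(header.Method, method)` if `strings` is already imported in this file (the import block is not in the hunk), avoids that. The deleted comment was also the only statement of the empty-value rule; a replacement such as `// An empty Method applies the header to every request method` above the `if` would keep it documented. The blank line added directly after the `for ... {` line can be dropped.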
@@ -470,6 +470,13 @@ func HTTPC2ConfigUpdate(newConf *clientpb.HTTPC2Config, oldConf *clientpb.HTTPC2
 return err.Error
 }
+ err = Session().Where(&models.HttpC2Header{
+ HttpC2ServerConfigID: &clientID,
+ }).Delete(&models.HttpC2Header{})
+ if err.Error != nil {
+ return err.Error
+ }
+
 err = Session().Where(&models.ImplantConfig{
 ID: clientID,
 }).Updates(c2Config.ImplantConfig)
@@ -487,6 +494,16 @@ func HTTPC2ConfigUpdate(newConf *clientpb.HTTPC2Config, oldConf *clientpb.HTTPC2
 }
 }
+ for _, header := range c2Config.ImplantConfig.Headers {
+ header.HttpC2ImplantConfigID = &clientID
+ err = Session().Clauses(clause.OnConflict{
+ UpdateAll: true,
+ }).Create(&header)
+ if err.Error != nil {
+ return err.Error
+ }
+ }
+
 serverID, _ := uuid.FromString(oldConf.ServerConfig.ID)
 err = Session().Where(&models.HttpC2Cookie{
From 82e294e3ef890f06cf85de4a1cf6808da23db1f5 Mon Sep 17 00:00:00 2001
From: b0yd
Date: Wed, 6 Nov 2024 15:40:48 +0000
Subject: [PATCH 2/2] Gofmt
---
 client/assets/c2profiles.go | 6 ++---
 client/command/c2profiles/c2profiles.go | 20 ++++++++---------
 server/db/helpers.go | 30 ++++++++++++-------------
 3 files changed, 28 insertions(+), 28 deletions(-)
diff --git a/client/assets/c2profiles.go b/client/assets/c2profiles.go
index a86be81da5..04d3784441 100644
--- a/client/assets/c2profiles.go
+++ b/client/assets/c2profiles.go
@@ -32,9 +32,9 @@ type HTTPC2ServerConfig struct {
 }
 type NameValueProbability struct {
- Name string `json:"name"`
- Value string `json:"value"`
- Probability int `json:"probability"`
+ Name string `json:"name"`
+ Value string `json:"value"`
+ Probability int `json:"probability"`
 Methods []string `json:"methods"`
 }
diff --git a/client/command/c2profiles/c2profiles.go b/client/command/c2profiles/c2profiles.go
index 9c8efdc2b6..a16007230d 100644
--- a/client/command/c2profiles/c2profiles.go
+++ b/client/command/c2profiles/c2profiles.go
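Review bot: The new delete in `HTTPC2ConfigUpdate` (server/db/helpers.go, first hunk of patch 1/2) filters on `HttpC2ServerConfigID: &clientID`, but `clientID` is the ID used for `models.ImplantConfig` just below it, and the second hunk re-creates the headers with `HttpC2ImplantConfigID = &clientID`. As written the delete appears to match the wrong foreign key, so the old implant headers would survive and headers removed from a profile would stay in the database. The condition probably should read `HttpC2ImplantConfigID: &clientID,`. The model definition is outside this diff, so confirm against `models.HttpC2Header`.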
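Review bot: The header rows are deleted in the first hunk and re-created one at a time in this loop (server/db/helpers.go, second hunk of patch 1/2), each through its own `Session()` call, so an error partway through returns with the profile's headers only partly written. If `Session()` returns a plain `*gorm.DB` (not visible here), running the delete and the creates inside one `Session().Transaction(func(tx *gorm.DB) error { ... })` would make the update all-or-nothing. That change reaches statements of `HTTPC2ConfigUpdate` outside this hunk, including the `uuid.FromString` call whose error is discarded on the context line below the loop.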
@@ -453,16 +453,16 @@ func C2ConfigToProtobuf(profileName string, config *assets.HTTPC2Config) *client
 })
 }
- for _, clientHeader := range config.ImplantConfig.Headers {
- for _, method := range clientHeader.Methods {
- httpC2Headers = append(httpC2Headers, &clientpb.HTTPC2Header{
- Method: method,
- Name: clientHeader.Name,
- Value: clientHeader.Value,
- Probability: int32(clientHeader.Probability),
- })
- }
- }
+ for _, clientHeader := range config.ImplantConfig.Headers {
+ for _, method := range clientHeader.Methods {
+ httpC2Headers = append(httpC2Headers, &clientpb.HTTPC2Header{
+ Method: method,
+ Name: clientHeader.Name,
+ Value: clientHeader.Value,
+ Probability: int32(clientHeader.Probability),
+ })
+ }
+ }
 implantConfig := &clientpb.HTTPC2ImplantConfig{
 UserAgent: config.ImplantConfig.UserAgent,
diff --git a/server/db/helpers.go b/server/db/helpers.go
index 6f91a3b75b..db256e2252 100644
--- a/server/db/helpers.go
+++ b/server/db/helpers.go
@@ -470,12 +470,12 @@ func HTTPC2ConfigUpdate(newConf *clientpb.HTTPC2Config, oldConf *clientpb.HTTPC2
 return err.Error
 }
- err = Session().Where(&models.HttpC2Header{
- HttpC2ServerConfigID: &clientID,
- }).Delete(&models.HttpC2Header{})
- if err.Error != nil {
- return err.Error
- }
+ err = Session().Where(&models.HttpC2Header{
+ HttpC2ServerConfigID: &clientID,
+ }).Delete(&models.HttpC2Header{})
+ if err.Error != nil {
+ return err.Error
+ }
 err = Session().Where(&models.ImplantConfig{
 ID: clientID,
@@ -494,15 +494,15 @@ func HTTPC2ConfigUpdate(newConf *clientpb.HTTPC2Config, oldConf *clientpb.HTTPC2
 }
 }
- for _, header := range c2Config.ImplantConfig.Headers {
- header.HttpC2ImplantConfigID = &clientID
- err = Session().Clauses(clause.OnConflict{
- UpdateAll: true,
- }).Create(&header)
- if err.Error != nil {
- return err.Error
- }
- }
+ for _, header := range c2Config.ImplantConfig.Headers {
+ header.HttpC2ImplantConfigID = &clientID
+ err = Session().Clauses(clause.OnConflict{
+ UpdateAll: true,
+ }).Create(&header)
+ if err.Error != nil {
+ return err.Error
+ }
+ }
 serverID, _ := uuid.FromString(oldConf.ServerConfig.ID)