From 6ca5f302df1a602dc47ecfd8116766774d3402f4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E9=A3=8E=E8=B5=B7?= <1402720815@qq.com> Date: Thu, 14 Jul 2022 10:45:56 +0800 Subject: [PATCH] Update RedGuard Version 22.7.14 --- CHANGELOG | 4 ++++ RedGuard.log | 20 +++++++++++++++++++ cert-rsa/ca.crt | 36 +++++++++++++++++----------------- cert-rsa/ca.key | 50 +++++++++++++++++++++++------------------------ config/version.go | 2 +- lib/CreateSSL.go | 6 ++++++ lib/convert.go | 12 ++++++++++++ 7 files changed, 86 insertions(+), 44 deletions(-) diff --git a/CHANGELOG b/CHANGELOG index 8ecd6f8..34d33d5 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -1,3 +1,7 @@ +## [22.7.14.1043] - 2022-7-14 +### Added +- Resolve the problem that the custom certificate is overwritten + ## [22.7.12.1111] - 2022-7-12 ### Added - Profile Header authentication ignores case diff --git a/RedGuard.log b/RedGuard.log index 25903a4..ec2639c 100644 --- a/RedGuard.log +++ b/RedGuard.log @@ -539,3 +539,23 @@ [2022-06-01 15:37:41] [RedGuard/core.modifyResponse.func1.1] [RESPONSE] HTTP 404 Not Found, length: 0 [2022-06-01 15:37:41] [RedGuard/core.(*baseHandle).ServeHTTP] [REDIRECT] Source IP: 127.0.0.1 -> Destination Site: https://cloud.tencent.com/ +[2022-07-14 10:41:04] [RedGuard/lib.InitGenerateSelfSignedCert] A default SSL certificate is being generated for the reverse proxy... +[2022-07-14 10:41:04] [main.(*cobaltStrike).serverInit] HostTarget: {"360.net":"http://127.0.0.1:8080","360.com":"https://127.0.0.1:4433"} +[2022-07-14 10:41:04] [RedGuard/core.ProxyManger] Proxy Listen Port :80 (HTTP) +[2022-07-14 10:41:04] [RedGuard/core.ProxyManger] Proxy Listen Port :443 (HTTPS) +[2022-07-14 10:41:12] [main.(*cobaltStrike).serverInit] HostTarget: {"360.net":"http://127.0.0.1:8080","360.com":"https://127.0.0.1:4433"} +[2022-07-14 10:41:12] [RedGuard/core.ProxyManger] Proxy Listen Port :80 (HTTP) +[2022-07-14 10:41:12] [RedGuard/core.ProxyManger] Proxy Listen Port :443 (HTTPS) +[2022-07-14 10:41:51] [RedGuard/lib.InitGenerateSelfSignedCert] A default SSL certificate is being generated for the reverse proxy... +[2022-07-14 10:41:51] [main.(*cobaltStrike).serverInit] HostTarget: {"360.net":"http://127.0.0.1:8080","360.com":"https://127.0.0.1:4433"} +[2022-07-14 10:41:51] [RedGuard/core.ProxyManger] Proxy Listen Port :80 (HTTP) +[2022-07-14 10:41:51] [RedGuard/core.ProxyManger] Proxy Listen Port :443 (HTTPS) +[2022-07-14 10:42:20] [RedGuard/lib.CreateConfig] RedGuard initialization is complete! +[2022-07-14 10:42:21] [RedGuard/lib.CreateConfig] RedGuard config path is: C:\Users\风起/.RedGuard_CobaltStrike.ini +[2022-07-14 10:42:24] [RedGuard/lib.InitGenerateSelfSignedCert] A default SSL certificate is being generated for the reverse proxy... +[2022-07-14 10:42:24] [main.(*cobaltStrike).serverInit] HostTarget: {"360.net":"http://127.0.0.1:8080","360.com":"https://127.0.0.1:4433"} +[2022-07-14 10:42:24] [RedGuard/core.ProxyManger] Proxy Listen Port :80 (HTTP) +[2022-07-14 10:42:24] [RedGuard/core.ProxyManger] Proxy Listen Port :443 (HTTPS) +[2022-07-14 10:43:15] [main.(*cobaltStrike).serverInit] HostTarget: {"360.net":"http://127.0.0.1:8080","360.com":"https://127.0.0.1:4433"} +[2022-07-14 10:43:15] [RedGuard/core.ProxyManger] Proxy Listen Port :80 (HTTP) +[2022-07-14 10:43:15] [RedGuard/core.ProxyManger] Proxy Listen Port :443 (HTTPS) diff --git a/cert-rsa/ca.crt b/cert-rsa/ca.crt index f02e1dd..1c45362 100644 --- a/cert-rsa/ca.crt +++ b/cert-rsa/ca.crt @@ -1,24 +1,24 @@ -----BEGIN CERTIFICATE----- -MIIEFTCCAv2gAwIBAgIIFwD2T6B86kAwDQYJKoZIhvcNAQELBQAwZjELMAkGA1UE +MIIEFDCCAvygAwIBAgIIFwGR46UNXCwwDQYJKoZIhvcNAQELBQAwZjELMAkGA1UE BhMCQ04xETAPBgNVBAcTCEhhbmdaaG91MS0wKwYDVQQKEyRBbGliYWJhIChDaGlu YSkgVGVjaG5vbG9neSBDby4sIEx0ZC4xFTATBgNVBAMMDCouYWxpeXVuLmNvbTAe -Fw0yMjA3MTIwMzExMjRaFw0yMzA3MTIwMzExMjRaMGYxCzAJBgNVBAYTAkNOMREw +Fw0yMjA3MTQwMjQyMjRaFw0yMzA3MTQwMjQyMjRaMGYxCzAJBgNVBAYTAkNOMREw DwYDVQQHEwhIYW5nWmhvdTEtMCsGA1UEChMkQWxpYmFiYSAoQ2hpbmEpIFRlY2hu b2xvZ3kgQ28uLCBMdGQuMRUwEwYDVQQDDAwqLmFsaXl1bi5jb20wggEiMA0GCSqG -SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOSqu2E65uDMrnqt+xeXZ7w+Tp+w0ATaL1 -k6f+ie0emIq/VExL1jzjjpByLEVXqskwIXDvIS7WXKTeudVSUZ1CRV3+o8Ztdsy5 -oSsfTQ3J1vqt7/qA6rMiqZAIfsvqt5Kz+yE1aB2o7IpLoseRW2PrXy30qbJ3xFKp -Sn3Yl0J/no3egNTa096R0QGmpL23kG5YQ2s/YhgZQBLg+x/9tf0JGFWMO8/3bxvD -iu9RuVmQpkYhwJvJSThbbg4yKAFmtBZvd6GycZjgyJzekTcU+T0DqawJW3s3r//R -xuGI4yIesLi30MzZ0SoWvfCXxdYINPPXyYXwzpt2tIoLDJcgOBjfAgMBAAGjgcYw -gcMwDgYDVR0PAQH/BAQDAgKkMBMGA1UdJQQMMAoGCCsGAQUFBwMBMIGbBgNVHREE -gZMwgZCCDCouYWxpeXVuLmNvbYIabWFuYWdlci5jaGFubmVsLmFsaXl1bi5jb22C -HCouYWNzLWludGVybmFsLmFsaXl1bmNzLmNvbSKCFCouY29ubmVjdC5hbGl5dW4u -Y29tggphbGl5dW4uY29tghB3aG9pcy53d3cubmV0LmNughJ0aWFuY2hpLWdsb2Jh -bC5jb20wDQYJKoZIhvcNAQELBQADggEBACgy5DMRqEpT2OcAo+n43CVKeus+lQ0+ -x0IqwDljmU42rkZQNgLGHB0YLnJrbMZ6l29dn3KAIMvIJacoLWcIFQAwqW9W6gB4 -zuFFydRMKwQuH42s2vnyCFJ2hwEWJHszA3r8xe4yBn7I/bKPEU+2UFhAHEO5bsFj -SiX7Kc+MPQpAl9Sccmw+k9CdaftFsKcsaMzarnVzsQY7/2ZMNtiPnYRLONKgjtHl -9EAIcB+CqBjZLTlnjxa+e93fqHhSIKtCe6qcyVL9jhPq5hygl1u6o1C4ht7hlC9y -U2Ymn2o4OKQfh6Pio6eWRIU2ERkYCrfh7YNteYpQDC218k5IaG1nJsg= +SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCakMhuxLECM6FM6J2tQisFnBdwgTDCNzA0 +WJQ6sOe0rIiMkQ5mhiSrDwUJ3ZFDtxeSxcWRmfcz4SiNMYwS1vGuIBLwNV2qRELk +aFzM29xjMo0isbPvBM70kl29RUP1FT5SUI9ZjwKaVLIc7j0Ugei0+p0QvGtFvgfI +pFpWbav3UqFwUtTcJwCiDTZZM4+94TVqEvFh5f/CM60rFijFZ/Kf16cVtOW0fKcX +oAGA9hEPAYXbSBqBSWAykDBJ3RnbZvL6MD9hsSRgduiiC9t2q/xGRU5X+rKchliW +bjLy+xHoq1asOZK0NxigLIc/6U54IV7nfL/tT40w1GFP/WhgY+0fAgMBAAGjgcUw +gcIwDgYDVR0PAQH/BAQDAgKkMBMGA1UdJQQMMAoGCCsGAQUFBwMBMIGaBgNVHREE +gZIwgY+CDCouYWxpeXVuLmNvbYIabWFuYWdlci5jaGFubmVsLmFsaXl1bi5jb22C +GyouYWNzLWludGVybmFsLmFsaXl1bmNzLmNvbYIUKi5jb25uZWN0LmFsaXl1bi5j +b22CCmFsaXl1bi5jb22CEHdob2lzLnd3dy5uZXQuY26CEnRpYW5jaGktZ2xvYmFs +LmNvbTANBgkqhkiG9w0BAQsFAAOCAQEAHPsbex1ZR9p/5p/EdJrvlM3IhMIXUo2D +tm/NWbEB4IVBa+mX0YGs60DiH8R+4VFWKvVhIzcf2/iZuiDKO8jeeZ3mSyDqdPD+ +T40gcNQhvPAH6YMPg8LzYAXVAZcxYCw0PmHr/Sl7EJH8LlR84Nz26HjPqNdLmIZA +ui0jz4zSGtrcqFZzA2+DKiHsnKeQ4685FBUHJP51gyimYiPpQQW3uKPE1uC+8Aq/ +omArVJf9wnBLUWa1vZ4B12G4NVQXHcLvg13tOR0YHnRBJ5OR8ibYBy5VChbqktc4 +9hgOKhm4RO/6XIg6Dey/mBefannq2DgTj2lv9NNXiFppj81ugWhOmQ== -----END CERTIFICATE----- diff --git a/cert-rsa/ca.key b/cert-rsa/ca.key index 414c0ea..9f2f92d 100644 --- a/cert-rsa/ca.key +++ b/cert-rsa/ca.key @@ -1,27 +1,27 @@ -----BEGIN RSA PRIVATE KEY----- -MIIEowIBAAKCAQEAzkqrthOubgzK56rfsXl2e8Pk6fsNAE2i9ZOn/ontHpiKv1RM -S9Y8446QcixFV6rJMCFw7yEu1lyk3rnVUlGdQkVd/qPGbXbMuaErH00Nydb6re/6 -gOqzIqmQCH7L6reSs/shNWgdqOyKS6LHkVtj618t9Kmyd8RSqUp92JdCf56N3oDU -2tPekdEBpqS9t5BuWENrP2IYGUAS4Psf/bX9CRhVjDvP928bw4rvUblZkKZGIcCb -yUk4W24OMigBZrQWb3ehsnGY4Mic3pE3FPk9A6msCVt7N6//0cbhiOMiHrC4t9DM -2dEqFr3wl8XWCDTz18mF8M6bdrSKCwyXIDgY3wIDAQABAoIBAQCA+w8BeKzHAhib -YKscO+Vo3MJzyRQH7ILHKNsQuwwW5SlbF0nc4MaRQMHvoN56Qb4o6b/Cw+yU+rfa -yjYmkgDRPq3WWG/oYS7/oVVk7LiCSnfR6QmnMRdvxLTZmu3Eg6KmBY5t5fslcz/E -qrI8n/eJYqlJIBEF8Sn9zyWAFpLtVwVpZ9MxU28oHMdAcJXHXW64BGudpyTDWM1s -LJqajk5kU1beMyIpZUkScXyBuISgJAYwHYQhf5ftE8FuCVtgwF5ThJnpBk6GZWad -WGDzUx+Hb0rZRFrNaNP3WXThggwM6hAB4He0eRIqZJD1djhjRI9MbU98bXV3oPEL -tUI4iGGBAoGBANk1Rrt6YmAnjZpbxRHf0vx60RlTgtY6T+r3V2d1zoQiQ7CNOyEC -HGET7OLWoacJF/ZG5dl1Uha0C6KaWPicchrEFAevPyfv2dQH539spXtbG6tONCR4 -ba5VGZreVPLfO/Qzg2mOX4FjMmmMjZOZSBp8yUuIeAIm+5+adBPgaNZrAoGBAPMi -TANtmMaDx1sdV6992uUvmEhP6nAWVOln7XMc/YH7T9ORe6IVw5HaiN0UTSMIDTkJ -tov0lE+oHHT6Zx23/dDDD8AcySKXpKHWK2CeTj2k3Q7Fp5A2sJEPorQnqcn+cXz4 -Wp9wuX1L8YRIQEUSrihRhpnozqPgIDihVln6q5xdAoGAW6Sp0kIBrbYifaUIkdEQ -0Ov0uy3L/x0dSPLQ0tsWphNa4evErdmZJbBlexO5oqMolAU3xzdDykZuvk1HCqXf -UsG1/cQH7o65JkereczaSSCYnP9i6pxREoPfSMNTriFXx2HQqUGjtBCpXXUq6sJ6 -dIp/17mdgLL36VAed6BwOz8CgYBqEpx3Iml0silXZwXKWm4Vbx5Q7gypuhRxgBXo -Es3G142MD/yQSk54Y48yZJkCn5ClQceSZ7IMzpsbreMu5Aan/XHxrp1Rqjb5JCbo -kCgyXKrUtwbTtAh0QQ4K6wL4TTnV+8QNq3BBadCElcD0YaH5lRfULe15MV7dVgYG -W4ZjQQKBgHOhzG1to2nT8qfug6jWLids7YxtunXW0q1LwotwVtzvbdj9Qv07LQnT -dJO7AGw7sioa/50utwno8I5yPYsEUNuffH9/k8fP3Ydm686/hcp+hPMN/HXKp0sF -bPzMXBfkOFQ5WAOA/eLTm2Z6P5YDw7aRdtYgCFH9SSMMZd4jzYYR +MIIEowIBAAKCAQEAmpDIbsSxAjOhTOidrUIrBZwXcIEwwjcwNFiUOrDntKyIjJEO +ZoYkqw8FCd2RQ7cXksXFkZn3M+EojTGMEtbxriAS8DVdqkRC5GhczNvcYzKNIrGz +7wTO9JJdvUVD9RU+UlCPWY8CmlSyHO49FIHotPqdELxrRb4HyKRaVm2r91KhcFLU +3CcAog02WTOPveE1ahLxYeX/wjOtKxYoxWfyn9enFbTltHynF6ABgPYRDwGF20ga +gUlgMpAwSd0Z22by+jA/YbEkYHboogvbdqv8RkVOV/qynIZYlm4y8vsR6KtWrDmS +tDcYoCyHP+lOeCFe53y/7U+NMNRhT/1oYGPtHwIDAQABAoIBABoQLewXuK1hXWKl +muj7TlvczUsITduCCNvaz+vxprCdo0zorN/24LoDh1r5hKRBfHUgakc6CigyYG8m +mrMWkZxGBkuBBDFQ32K6gmN883W6sXfXNTspuWgeQjZHNsVd9qtUsEduyQaTH5Gn +Tp9lpILX+6I103ToLVHU/PKz/ZpvjnRdfL1pFvTAzGYRAddI+3Wp4phfzcqqXtpl +WcZ4Uux+/GzFtSH9eXaevCC4p+jcrQY1mt3BPdcz5JU43uQ+diTfTwGvL+4dCUxO +sboAjMkw2xMXNG2SQRMTPlhLfcKh8NK3pYyVRfzOXk6bnLeBsRaLV6uXoR5njk+M +Kr0zzDECgYEAy9/5XwI4LiY1XcXJrJmvilqtHUH1cGG1x8Ob+gpGiJ8Ryk+6i7pi +8KP+scDUOGFfFwRycNwIoGP0J1WB4pRkTDqE8FQyh4TeOsK57NGp8wLt6COOnmps +/8QRH+YqPG5n0yI3aQNOqkPuKoFYCiGF79VuhCuOGLaplXlmyQl/TTcCgYEAwhVp +lLuo5phLvRTr6pgGVPCOhirdTktuRUp4NaNuGveUDww2TjdKBmqLcwVPEtuI3G/f +k2AUKlWH0Q3N8340hG7hloSVQRHfoALy0Iljc4dFO0HrzOvSoaVYkhODqz6M6gfJ +B+8Qiku93JI7G4qalg1jr3ItBK46KVTCQl5RE1kCgYBYEiYww82vKfRN0P6BIFbz +pp44EGFNrfgQFtFPn5a+uDDAO9bzO444NC/3a7yBqpagY9xoIrVbTDKRt1+HmOEH +CRSamVTGtEAoFCyrQBtxjidl685VYtY5WuKm7A/80Rjq3VIgfDxEU1oUZJG6tqac +Z4/5arNUu7vghXRAjmi+2wKBgGUb/psLgJxRLvPcWGMou/O4NqfS4OQPC+1xNFrN +P2kxHaMRO6FX0GqzSt6rH1y1ngEpDxKZ9Sdw04anaGm3j+iGU2O0woTZqOSVZKYb +TQI8sGaEmzFwkZTArPm8zNWDiqnJUIOfmcBSYSDt1XktpgcSBqK6GpXbplUt4N3u +gNJRAoGBAIo2SQXHObtfphpMVoDZm3A2DubekPuY5aHx0x5U24IDcF/19AJ3SvOh +U7NHpHgGDal5WhLN9dIRBxujP/BL1TAKPpf6P5x4o1Jva0tUWcLvTzAM6NgFMY+0 +p4z+rF2IIkG383nWDpSL3r+0mpUEaPY5iCO8fyUQQtIr6gt+o8PW -----END RSA PRIVATE KEY----- diff --git a/config/version.go b/config/version.go index 8a086a4..6ba5861 100644 --- a/config/version.go +++ b/config/version.go @@ -21,7 +21,7 @@ Github:%s RedGuard is a C2 front flow control tool,Can avoid Blue Teams,AVs,EDRs check. ` - VERSION = "22.7.12 Alpha" + VERSION = "22.7.14 Alpha" TITLE = "RedGuard" LICENSE = "GPL-2.0" URL = "https://github.com/wikiZ/RedGuard" diff --git a/lib/CreateSSL.go b/lib/CreateSSL.go index e0ef8bb..9346b86 100644 --- a/lib/CreateSSL.go +++ b/lib/CreateSSL.go @@ -89,6 +89,12 @@ func GenerateSelfSignedCert(cert *parameter.Cert) { } func InitGenerateSelfSignedCert() { + // Check whether an SSL certificate is generated + if _existsCrt, _ := FileExists("cert-rsa/ca.crt"); _existsCrt { + if _existsKey, _ := FileExists("cert-rsa/ca.key"); _existsKey { + return + } + } // Example Create a CA certificate storage directory if _, err := os.Stat("cert-rsa"); err != nil { _ = os.Mkdir("cert-rsa", 0766) // Directory permissions diff --git a/lib/convert.go b/lib/convert.go index 5d460db..32c4b59 100644 --- a/lib/convert.go +++ b/lib/convert.go @@ -11,6 +11,7 @@ import ( "crypto/md5" "encoding/hex" "encoding/json" + "os" "regexp" ) @@ -45,3 +46,14 @@ func CheckIP(ip string) bool { } return true } + +func FileExists(path string) (bool, error) { + _, err := os.Stat(path) + if err == nil { + return true, nil + } + if os.IsNotExist(err) { + return false, nil + } + return false, err +}