Giters

lu4p / ToRat

ToRat is a Remote Administation tool written in Go using Tor as a transport mechanism and RPC for communication

Home Page:https://lu4p.github.io/ToRat

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

[Critical Issue] Every client produces the same "unique" ID

JustinTimperio opened this issue · comments

commented

This is the output from clients running on three different VM's

Select client to interact with:
 ❯ 0    vBHv3Vc5awx39ivu        vBHv3Vc5awx39ivu
   1    vBHv3Vc5awx39ivu        vBHv3Vc5awx39ivu
   2    vBHv3Vc5awx39ivu        vBHv3Vc5awx39ivu
commented

@lu4p I suspect this is part of a much bigger set of problems that exist in the current database and client management solution. (See #176 #171 #221 ) From what I can tell gorm does not work at all, and even worse we have no ability to detect when a client loses connection. This is the third in a series of bugs that all trace to a poor(not robust) model for dealing with multiple clients. At this point, it is "possible" to run multiple clients but is mostly unusable.

I'm not totally sure what this should look like moving forward, but I think a rework/overhaul may be in order to make managing multiple clients actually viable.

commented

@JustinTimperio just to confirm you are testing different machines/ vms here?

commented

@lu4p I can test this again. They are cloned vms but they have different macs

commented

Make sure to delete everything at the Path dir before testing this.

ToRat/torat_client/persit_windows.go

Line 23 in 81cf702

Path = filepath.Join(os.ExpandEnv("$AppData"), "WindowsDefender")

ToRat/torat_client/persit_linux.go

Line 19 in 81cf702

Path = filepath.Join(os.ExpandEnv("$HOME"), ".cache", "libssh")
or

commented

@lu4p I have tested this on multiple fresh VM's and successfully reproduced this bug.