2.3 rework

.github/dependabot.yml

@@ -1,7 +1,12 @@
 version: 2
 updates:
   - package-ecosystem: "gomod"
-    directory: "/"
+    directory: "/server"
+    schedule:
+      interval: "daily"
+
+  - package-ecosystem: "npm"
+    directory: "/app"
     schedule:
       interval: "daily"
 

.github/workflows/publish.yml

@@ -1,4 +1,4 @@
-name: Publish Docker Image 
+name: Publish Docker Image
 on:
   release:
     types: [published]

Dockerfile

@@ -1,25 +1,44 @@
-FROM golang:1.22.3 as build
+####################
+# build the server #
+####################
+FROM golang:1.22.3 as go
 
-WORKDIR /app
+COPY server /server
+WORKDIR /server
+
+RUN CGO_ENABLED=0 go build
 
-COPY *.go ./
-COPY *.mod ./
-COPY *.sum ./
-COPY log ./log
-COPY routes ./routes
-COPY shell ./shell
-COPY static ./static
-COPY util ./util
-COPY views ./views
+#####################
+# build the web app #
+#####################
+FROM node as node
 
-EXPOSE 5566 
-RUN CGO_ENABLED=0 go build .
+COPY app /app
+WORKDIR /app
 
+ENV VITE_API_URL_DEV "http://127.0.0.1:5566"
+RUN npm run build
+
+#####################
+# the actual runner #
+#####################
 FROM alpine as main
-COPY --from=build /app /app
 
-ARG PASSWORD
-ENV PASSWORD $PASSWORD
-WORKDIR /app
+RUN apk add sed bash build-base dumb-init gcc mingw-w64-gcc
+
+WORKDIR /ezcat
+
+COPY --from=node /app/build     ./static
+COPY --from=go   /server/server ./
+
+COPY payloads       ./payloads
+COPY docker/init.sh ./
+
+RUN chmod +x "init.sh"
+ENV STATIC_DIR "./static"
+ENV PAYLOAD_DIR "./payloads"
+
+ARG API_URL
+ENV API_URL $API_URL
 
-ENTRYPOINT ["/app/ezcat"]
+ENTRYPOINT ["dumb-init", "./init.sh"]

README.md

@@ -1,32 +1,55 @@
-# ezcat 🐱 easy shell handler written in go
+# ezcat 🐱 easy reverse shell handler
 ![](/assets/showcase.gif)
 
 ---
 
-### 🚀 Install 
-An easy way to install ezcat is to use docker:
-```
-docker run --rm --network host \
-    -e PASSWORD=securepassword \
-    ghcr.io/ngn13/ezcat
-```
-or you can download the latest binary from the [releases tab](https://github.com/ngn13/ezcat/releases),
-extract it with `tar` and then copy it to somewhere in your `PATH`.
+### 📋 Features
+- Easy to install
+- Simple web interface
+- Agent communication over DNS
+- Receive TCP reverse shells
+- Linux & Windows support
+- Self deletion because why not
 
-By default ezcat will try to detect your interface IP address (giving priority to tunnel interfaces).
-If you want set this IP address to something else by default, you can use the `SHELLIP` environment variable:
+### 🚀 Install
+You can easily install ezcat with docker:
 ```
 docker run --rm --network host \
     -e PASSWORD=securepassword \
-    -e SHELLIP=10.10.10.15     \
     ghcr.io/ngn13/ezcat
 ```
 
----
+### ⚙️ Configuration
+Configuration is handled with environment variables, here are all the options:
+
+- **`PASSWORD`**: Used to change the login password, by default it's `ezcat`, and for security, you should
+definitely change it
+- **`SHELLIP`**: By default ezcat will try to detect your interface IP address (giving priority to tunnel interfaces).
+If you want set this IP address to something else by default, you can use the `SHELLIP` environment variable
+- **`DISABLE_MEGAMIND`**: When set to `1`, it disables the "no shells?" megamind meme that's displayed on the dashboard if you don't have
+any active shells
+- **`HTTP_PORT`**: Used to change the port that the API server will listen on, default is 5566
+- **`AGENT_PORT`**: Used to change the agent communication port, default is 1053
+- **`API_URL`**: Used to change the API URL for the front-end application
+- **`DATA_DIR`**: Directory that the server will use to store stage builds, default is `./data`
+- **`STATIC_DIR`**: Used to change the front-end application (static) directory, it's pre-set in the Dockerfile,
+you don't need to worry about it unless you are working on something
+- **`PAYLOAD_DIR`**: Specifies the directory that contains the payloads, it's pre-set in the Dockerfile, just like
+the `STATIC_DIR` option, don't worry about it
+- **`DEBUG`**: When set to `1`, it enables debug output for the server and the stage builds
 
 ### ⚒️ Build
-To build ezcat, install a recent version go. Then clone the repository and run the go build command:
+To build ezcat, install a recent version go. Then download and [extract the latest release](http://github.com/ngn13/ezcat/releases/latest).
+- To build the server, install a recent version of go, change directory into the `server/` directory and run:
 ```bash
-go build .
+go build
 ```
-For development, login to the web interface with the default password, `ezcat`.
+
+- To build the front-end application, install a recent version of node and npm change directory into the `app/` directory and run:
+```bash
+npm i
+npm run build 
+```
+
+To build different payloads during runtime, you will need GNU `coreutils` and `bash`, `build-essential` tools and optionally `mingw`
+for windows builds. After installing these tools, you can run the `server/` binary with the desired configuration.

app/.dockerignore

@@ -0,0 +1,10 @@
+.DS_Store
+node_modules
+/build
+/.svelte-kit
+/package
+.env
+.env.*
+!.env.example
+vite.config.js.timestamp-*
+vite.config.ts.timestamp-*

app/.gitignore

@@ -0,0 +1,10 @@
+.DS_Store
+node_modules
+/build
+/.svelte-kit
+/package
+.env
+.env.*
+!.env.example
+vite.config.js.timestamp-*
+vite.config.ts.timestamp-*

app/.npmrc

@@ -0,0 +1 @@
+engine-strict=true

app/.prettierignore

@@ -0,0 +1,4 @@
+# Ignore files for PNPM, NPM and YARN
+pnpm-lock.yaml
+package-lock.json
+yarn.lock

app/.prettierrc

@@ -0,0 +1,9 @@
+{
+  "useTabs": false,
+  "tabWidth": 2,
+  "singleQuote": false,
+  "trailingComma": "es5",
+  "printWidth": 100,
+  "plugins": ["prettier-plugin-svelte"],
+  "overrides": [{ "files": "*.svelte", "options": { "parser": "svelte" } }]
+}

app/README.md

@@ -0,0 +1,3 @@
+# ezcat/app
+
+Frontend for the ezcat mini-C2 framework