fix: some bug

h3zh1 · h3zh1 · commit 75dfa7a022a0 · 2025-04-25T01:37:05.000+08:00
diff --git a/community-common/modules/common_bof.lua b/community-common/modules/common_bof.lua
@@ -3,47 +3,47 @@ local function bof_path(bof_name, arch)
     return "common/bof/" .. bof_name .. "." .. arch .. ".o"
 end
 local function command_register(command_name, command_function, help_string, ttp)
-    command( parent_command .. ":" .. command_name, command_function, help_string, ttp)
+    command(parent_command .. ":" .. command_name, command_function,
+            help_string, ttp)
 end
 
 -- netUserAdd
-local function parse_netuseradd_bof(args)
-    local size = #args
-    if size < 2 then
-        error(">=2 arguments are allowed")
-    end
-    local username = args[1]
-    local password = args[2]
-    return bof_pack("ZZ", username, password)
-end
-local function run_netuseradd_bof(args)
-    args = parse_netuseradd_bof(args)
+
+local function run_netuseradd_bof(cmd)
+    local username = cmd:Flags():GetString("username")
+    local password = cmd:Flags():GetString("password")
+    if username == "" then error("username is required") end
+    if password == "" then error("password is required") end
+    local pack_args = bof_pack("ZZ", username, password)
     local session = active()
     local arch = session.Os.Arch
     if not isadmin(session) then
         error("You need to be an admin to run this command")
     end
     local bof_file = bof_path("NetUserAdd", arch)
-    return bof(session, script_resource(bof_file), args, true)
+    return bof(session, script_resource(bof_file), pack_args, true)
 end
-command_register("netuseradd_bof", run_netuseradd_bof, "netuseradd_bof <username> <password>", "")
+
+local netuseradd_bof_command = command_register("netuseradd_bof",
+                                                run_netuseradd_bof,
+                                                "netuseradd_by_bof <username> <password>",
+                                                "")
+netuseradd_bof_command:Flags():String("username", "", "the username to add")
+netuseradd_bof_command:Flags():String("password", "", "the password to set")
 
 -- curl
 local function parse_curl_bof(args)
     local size = #args
-    if size < 1 then
-        error(">=1 arguments are allowed")
-    end
+    if size < 1 then error(">=1 arguments are allowed") end
     local host = args[1]
     local port = "80"
     local method = "GET"
     local header = "Accept: */*"
-    local userAgent = "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36"
+    local userAgent =
+        "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36"
     local body = ""
 
-    if size >= 2 then
-        port = args[2]
-    end
+    if size >= 2 then port = args[2] end
     local valid_methods = {
         GET = true,
         POST = true,
@@ -58,54 +58,44 @@ local function parse_curl_bof(args)
         end
     end
     local output = 1
-    if args[4] == "--disable-output" then
-        output = 0
-    end
+    if args[4] == "--disable-output" then output = 0 end
     proxy = 1
-    if args[4] == "--noproxy" then
-        proxy = 0
-    end
-    if size >= 5 then
-        userAgent = args[5]
-    end
-    if size >= 6 then
-        header = args[6]
-    end
-    if size >= 7 then
-        body = args[7]
-    end
-    return bof_pack("zizizzzi", host, port, method, output, userAgent, header, body, proxy)
+    if args[4] == "--noproxy" then proxy = 0 end
+    if size >= 5 then userAgent = args[5] end
+    if size >= 6 then header = args[6] end
+    if size >= 7 then body = args[7] end
+    return bof_pack("zizizzzi", host, port, method, output, userAgent, header,
+                    body, proxy)
 end
 
 local function run_curl_bof(args)
     args = parse_curl_bof(args)
     local session = active()
     local arch = session.Os.Arch
-    local bof_file = bof_path("curl",arch)
+    local bof_file = bof_path("curl", arch)
     return bof(session, script_resource(bof_file), args, true)
 end
-command_register("curl_bof", run_curl_bof, "curl <host> [port] [method] [--show|--noproxy] [userAgent] [header] [body]", "")
+command_register("curl_bof", run_curl_bof,
+                 "curl <host> [port] [method] [--show|--noproxy] [userAgent] [header] [body]",
+                 "")
 -- readfile
 
 local function run_readfile_bof(args)
-    if args[1] == nil then
-        error(">=1 arguments are allowed")
-    end
+    if args[1] == nil then error(">=1 arguments are allowed") end
     local file_path = args[1]
     local packed_args = bof_pack("z", file_path)
     local session = active()
     local arch = session.Os.Arch
     local bof_file = bof_path("readfile", arch)
     return bof(session, script_resource(bof_file), packed_args, true)
 end
-command_register("readfile_bof", run_readfile_bof, "readfile_bof <file_path>", "")
+command_register("readfile_bof", run_readfile_bof, "readfile_bof <file_path>",
+                 "")
 
 -- kill_defender
 local function parse_kill_defender_bof(args)
     local size = #args
-    if size < 1 then
-        error(">=1 arguments are allowed")
-    end
+    if size < 1 then error(">=1 arguments are allowed") end
     local action = args[1]
     if action == "kill" or action == "check" then
         local username = session.Os.Username
@@ -118,7 +108,8 @@ local function run_kill_defender_bof(args)
     local bof_file = bof_path("kill_defender", arch)
     return bof(session, script_resource(bof_file), args, true)
 end
-command_register("kill_defender_bof", run_kill_defender_bof, "kill_defender_bof <action>", "")
+command_register("kill_defender_bof", run_kill_defender_bof,
+                 "kill_defender_bof <action>", "")
 -- clipboard
 local function run_clipboard_bof(args)
     local session = active()
@@ -133,13 +124,12 @@ local function run_dump_clipboard(args)
     local bof_file = bof_path("dump_clipboard", arch)
     return bof(session, script_resource(bof_file), args, true)
 end
-command_register("dump_clipboard_bof", run_dump_clipboard, "dump_clipboard_bof", "")
+command_register("dump_clipboard_bof", run_dump_clipboard, "dump_clipboard_bof",
+                 "")
 -- wifidump
 local function parse_wifidump_bof(args)
     local size = #args
-    if size < 1 then
-        error(">=1 arguments are allowed")
-    end
+    if size < 1 then error(">=1 arguments are allowed") end
     print(args[1])
     local interface = args[1]
     return bof_pack("Z", interface)
@@ -151,13 +141,12 @@ local function run_wifidump_bof(args)
     local bof_file = bof_path("wifidump", arch)
     return bof(session, script_resource(bof_file), args, true)
 end
-command_register("wifidump_bof", run_wifidump_bof, "wifidump_bof <profilename>", "")
+command_register("wifidump_bof", run_wifidump_bof, "wifidump_bof <profilename>",
+                 "")
 
 -- wifienum
 local function run_wifienum_bof(args)
-    if #args > 0 then
-        error("no arguments are allowed")
-    end
+    if #args > 0 then error("no arguments are allowed") end
     local session = active()
     local arch = session.Os.Arch
     local bof_file = bof_path("wifienum", arch)
@@ -178,16 +167,12 @@ command_register("meminfo_bof", run_read_memory_bof, "meminfo_bof", "")
 -- Usage : memreader <target-pid> <pattern> <output-size>
 local function parse_memory_reader_bof(args)
     local size = #args
-    if size < 2 then
-        error(">=2 arguments are allowed")
-    end
+    if size < 2 then error(">=2 arguments are allowed") end
     local target_pid = args[1]
     local pattern = args[2]
-    local output_size= 10
-    if size == 3 then
-        output_size = args[3]
-    end
-    return bof_pack( "izi", target_pid, pattern, output_size)
+    local output_size = 10
+    if size == 3 then output_size = args[3] end
+    return bof_pack("izi", target_pid, pattern, output_size)
 end
 
 local function run_memory_reader_bof(args)
@@ -197,7 +182,9 @@ local function run_memory_reader_bof(args)
     local bof_file = bof_path("memreader", arch)
     return bof(session, script_resource(bof_file), args, true)
 end
-command_register("mem_reader_bof", run_memory_reader_bof, "common mem_reader_bof <target-pid> <pattern> <output-size>", "")
+command_register("mem_reader_bof", run_memory_reader_bof,
+                 "common mem_reader_bof <target-pid> <pattern> <output-size>",
+                 "")
 
 -- regdump
 local function run_regdump_bof(args)
@@ -229,15 +216,16 @@ local function run_screenshot(args)
     local result = bof(session, script_resource(bof_file), packed_args, true)
     return result
 end
-command_register("screenshot_bof", run_screenshot, "Command: situational screenshot <filename>", "T1113")
-
+command_register("screenshot_bof", run_screenshot,
+                 "Command: situational screenshot <filename>", "T1113")
 
 --- common sharp 
 local function run_SharpWebServer(args)
     local session = active()
     local arch = session.Os.Arch
     local csharp_file = "common/SharpWebServer_net4.5.exe"
-    return execute_assembly(session, script_resource(csharp_file), args, true,new_sac())
+    return execute_assembly(session, script_resource(csharp_file), args, true,
+                            new_sac())
 end
 command("common:sharpweb", run_SharpWebServer, "common sharpweb", "")
 
diff --git a/community-elevate/modules/uacbofbonanza.lua b/community-elevate/modules/uacbofbonanza.lua
@@ -171,7 +171,7 @@ local function run_EditionUpgradeManager(cmd)
     local file_content = file_content_handle:read("*all")
     file_content_handle:close()
     local content_len = string.len(file_content)
-    local pack_args = bof_pack("iz", content_len, file_content) -- string field contains invalid UTF-8
+    local pack_args = bof_pack("ib", content_len, file_content) -- string field contains invalid UTF-8
     return bof(session, script_resource(bof_file), pack_args, true)
 end
 local cmd_EditionUpgradeManager = command("uac-bypass:editionupgrade",
diff --git a/community-proxy/modules/proxy.lua b/community-proxy/modules/proxy.lua
@@ -1,4 +1,3 @@
-local root_command= "proxy"
 local function new_sac()
     local sac = new_sacrifice(0,false,false,false,"")
     return sac
@@ -12,4 +11,4 @@ local function run_gost(args)
     local sac = new_sac()
     return execute_exe(session, pe_path, args, true, 60, arch, "", sac)
 end
-command( root_command.. ":gost", run_gost, "Usage: proxy gost -- <gost args>", "")
+command( "community-proxy:gost", run_gost, "Usage: proxy gost -- <gost args>", "")
