
MDM

main.go

Where the server and all of the handlers are started.

	// Start the HTTPS server: serve HTTPS requests on port 443 using the TLS certificate and key
	fmt.Println("HTTPS server listening on port 443")
	err = http.ListenAndServeTLS(":443", "./certs/dev_cert_mdmwindows_com_cert.pem", "./certs/dev_cert_mdmwindows_com.key", globalHandler(r))
	if err != nil {
		panic(err)
	}


• Execution order

- h2_bundle.go

It checks the response value coming from the client, then prints it on the discovery side.

- discovery.go => this part seems to be where it checks whether the response arrived properly

It goes to discovery.go and then sends the request through log_middleware.go.

- log_middleware.go

[+]================log_middleware.go (1) section==========
----------- Input Header -----------
POST /EnrollmentServer/Discovery.svc HTTP/2.0
Host: enterpriseenrollment.mdmwindows.com
Content-Length: 1043
Content-Type: application/soap+xml; charset=utf-8
User-Agent: ENROLLClient


----------- Input Body -----------

<s:Envelope xmlns:a="http://www.w3.org/2005/08/addressing" xmlns:s="http://www.w3.org/2003/05/soap-envelope">
  <s:Header>
    <a:Action s:mustUnderstand="1">http://schemas.microsoft.com/windows/management/2012/01/enrollment/IDiscoveryService/Discover</a:Action>
    <a:MessageID>urn:uuid:748132ec-a575-4329-b01b-6171a9cf8478</a:MessageID>
    <a:ReplyTo>
      <a:Address>http://www.w3.org/2005/08/addressing/anonymous</a:Address>
    </a:ReplyTo>
    <a:To s:mustUnderstand="1">https://EnterpriseEnrollment.mdmwindows.com:443/EnrollmentServer/Discovery.svc</a:To>
  </s:Header>
  <s:Body>
    <Discover xmlns="http://schemas.microsoft.com/windows/management/2012/01/enrollment">
      <request xmlns:i="http://www.w3.org/2001/XMLSchema-instance">
        <EmailAddress>test@mdmwindows.com</EmailAddress>
        <RequestVersion>5.0</RequestVersion>
        <DeviceType>CIMClient_Windows</DeviceType>
        <ApplicationVersion>10.0.22621.2428</ApplicationVersion>

Before the DiscoveryHandler function runs, the account information the client entered is passed along...

The serverHandler part receives the information about the client; then log_middleware prints it, and it seems control goes on to discoveryHandler.

- PolicyHandler.go

package main

import (
	"io"
	"net/http"
	"regexp"
	"strconv"
)

// messageIDRe captures the contents of <a:MessageID> so the reply can echo it in <a:RelatesTo>.
var messageIDRe = regexp.MustCompile(`<a:MessageID>([\s\S]*?)</a:MessageID>`)

func PolicyHandler(w http.ResponseWriter, r *http.Request) {
	// Read the HTTP request body (io.ReadAll replaces the deprecated ioutil.ReadAll)
	bodyRaw, err := io.ReadAll(r.Body)
	if err != nil {
		http.Error(w, "failed to read request body", http.StatusBadRequest)
		return
	}
	body := string(bodyRaw)

	// Retrieve the MessageID from the body for the response; a request without one
	// is rejected with 400 instead of panicking on a nil match.
	m := messageIDRe.FindStringSubmatch(body)
	if m == nil {
		http.Error(w, "missing a:MessageID", http.StatusBadRequest)
		return
	}
	messageID := m[1]

	response := []byte(`
			<s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:a="http://www.w3.org/2005/08/addressing" xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
			  <s:Header>
				<Action mustUnderstand="1">http://schemas.microsoft.com/windows/pki/2009/01/enrollmentpolicy/IPolicy/GetPoliciesResponse</Action>
				<a:RelatesTo>` + messageID + `</a:RelatesTo>
			  </s:Header>
			  <s:Body xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
				<GetPoliciesResponse xmlns="http://schemas.microsoft.com/windows/pki/2009/01/enrollmentpolicy">
				  <response>
					<policyID></policyID>
					<policyFriendlyName xsi:nil="true" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"></policyFriendlyName>
					<nextUpdateHours xsi:nil="true" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"></nextUpdateHours>
					<policiesNotChanged xsi:nil="true" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"></policiesNotChanged>
					<policies>
					  <policy>
						<policyOIDReference>0</policyOIDReference>
						<cAs xsi:nil="true"></cAs>
						<attributes>
						  <commonName>Attributes</commonName>
						  <policySchema>2</policySchema>
						  <certificateValidity>
							<validityPeriodSeconds>1209600</validityPeriodSeconds>
							<renewalPeriodSeconds>172800</renewalPeriodSeconds>
						  </certificateValidity>
						  <permission>
							<enroll>true</enroll>
							<autoEnroll>false</autoEnroll>
						  </permission>
						  <privateKeyAttributes>
							<minimalKeyLength>2048</minimalKeyLength>
							<keySpec xsi:nil="true"></keySpec>
							<keyUsageProperty xsi:nil="true"></keyUsageProperty>
							<permissions xsi:nil="true"></permissions>
							<algorithmOIDReference xsi:nil="true"></algorithmOIDReference>
							<cryptoProviders xsi:nil="true"></cryptoProviders>
						  </privateKeyAttributes>
						  <revision>
							<majorRevision>101</majorRevision>
							<minorRevision>0</minorRevision>
						  </revision>
						  <supersededPolicies xsi:nil="true"></supersededPolicies>
						  <privateKeyFlags xsi:nil="true"></privateKeyFlags>
						  <subjectNameFlags xsi:nil="true"></subjectNameFlags>
						  <enrollmentFlags xsi:nil="true"></enrollmentFlags>
						  <generalFlags xsi:nil="true"></generalFlags>
						  <hashAlgorithmOIDReference>0</hashAlgorithmOIDReference>
						  <rARequirements xsi:nil="true"></rARequirements>
						  <keyArchivalAttributes xsi:nil="true"></keyArchivalAttributes>
						  <extensions xsi:nil="true"></extensions>
						</attributes>
					  </policy>
					</policies>
				  </response>
				  <oIDs>
					<oID>
					  <value>1.3.14.3.2.29</value>
					  <group>1</group>
					  <oIDReferenceID>0</oIDReferenceID>
					  <defaultName>szOID_NIST_sha256</defaultName>
					</oID>
				  </oIDs>
				</GetPoliciesResponse>
			  </s:Body>
			</s:Envelope>`)

	// Return the response body
	w.Header().Set("Content-Type", "application/soap+xml; charset=utf-8")
	w.Header().Set("Content-Length", strconv.Itoa(len(response)))
	if _, err := w.Write(response); err != nil {
		// The client disconnected mid-response; nothing else can be done here
		return
	}
}
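PolicyHandler pulls the MessageID out of the SOAP body with a regular expression and panics when it is absent. The following is an added example, not code from the page's project, showing the same extraction with encoding/xml applied to the Discover request from the log_middleware.go output above; sampleDiscover, discoverEnvelope, discoverInfo and parseDiscover are names chosen here, and the sample body is constructed from the logged request.

```go
package main

import (
	"encoding/xml"
	"errors"
)

// Constructed sample: the Discover body from the log output above, trimmed to the
// elements used here and completed with the closing tags the log excerpt cuts off.
const sampleDiscover = `<s:Envelope xmlns:a="http://www.w3.org/2005/08/addressing" xmlns:s="http://www.w3.org/2003/05/soap-envelope">
  <s:Header><a:MessageID>urn:uuid:748132ec-a575-4329-b01b-6171a9cf8478</a:MessageID></s:Header>
  <s:Body>
    <Discover xmlns="http://schemas.microsoft.com/windows/management/2012/01/enrollment">
      <request xmlns:i="http://www.w3.org/2001/XMLSchema-instance">
        <EmailAddress>test@mdmwindows.com</EmailAddress>
        <DeviceType>CIMClient_Windows</DeviceType>
      </request>
    </Discover>
  </s:Body>
</s:Envelope>`

// discoverEnvelope binds each element to its namespace: SOAP 1.2 Envelope root, WS-Addressing MessageID header.
type discoverEnvelope struct {
	XMLName xml.Name `xml:"http://www.w3.org/2003/05/soap-envelope Envelope"`
	Header  struct {
		MessageID string `xml:"http://www.w3.org/2005/08/addressing MessageID"`
	} `xml:"http://www.w3.org/2003/05/soap-envelope Header"`
	Body struct {
		Discover struct {
			EmailAddress string `xml:"request>EmailAddress"`
			DeviceType   string `xml:"request>DeviceType"`
		} `xml:"http://schemas.microsoft.com/windows/management/2012/01/enrollment Discover"`
	} `xml:"http://www.w3.org/2003/05/soap-envelope Body"`
}
// discoverInfo is what the later handlers need from the request.
type discoverInfo struct{ MessageID, EmailAddress, DeviceType string }

// parseDiscover returns the MessageID the reply must echo in <a:RelatesTo> and the account fields; it errors rather than panicking.
func parseDiscover(raw []byte) (*discoverInfo, error) {
	var env discoverEnvelope
	if err := xml.Unmarshal(raw, &env); err != nil {
		return nil, err
	}
	d := env.Body.Discover
	info := &discoverInfo{env.Header.MessageID, d.EmailAddress, d.DeviceType}
	if info.MessageID == "" || info.EmailAddress == "" || info.DeviceType == "" {
		return nil, errors.New("discover request is missing MessageID, EmailAddress or DeviceType")
	}
	return info, nil
}
```

A MessageID element placed in the body, or a root element outside the SOAP 1.2 namespace, is rejected rather than silently matched the way a tag-name regex would.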

Applying the policy

- enrollment.go

Before the enrollment.go handler starts, the information about the client is printed.

- manage.go

Conclusion

1. log_middleware.go fetches the client information.

2. discovery.go checks that communication works.

3. policy.go checks the policy.

4. enrollment.go performs the enrollment.
