From 35d77437050472719d2c42b351f537ae0818fb6f Mon Sep 17 00:00:00 2001 From: Betty Date: Mon, 30 Mar 2026 16:51:02 +0200 Subject: [PATCH] post: commit 9eb4c92 in bojemoi --- .../commits/2026-03-30-commit-9eb4c92.md | 106 ++++++++++++++++++ 1 file changed, 106 insertions(+) create mode 100644 content/posts/commits/2026-03-30-commit-9eb4c92.md diff --git a/content/posts/commits/2026-03-30-commit-9eb4c92.md b/content/posts/commits/2026-03-30-commit-9eb4c92.md new file mode 100644 index 0000000..77788b0 --- /dev/null +++ b/content/posts/commits/2026-03-30-commit-9eb4c92.md 
@@ -0,0 +1,106 @@ +--- +title: "[bojemoi] feat(c2): multi-redirector infrastructure + split borodino images" +date: 2026-03-30T16:51:02+02:00 +draft: false +tags: ["commit", "bojemoi", "main"] +categories: ["Git Activity"] +summary: "Commit 9eb4c92 par Betty dans bojemoi" +author: "Betty" +--- + +## Commit `9eb4c92` + +| | | +|---|---| +| **Repository** | bojemoi | +| **Branch** | `main` | +| **Author** | Betty | +| **Hash** | `9eb4c9236b88b18f05b572b6459a3b331190a5ab` | + + +### Description + +C2 redirector infrastructure: +- redirector/: nginx GeoIP2 container (debian:bookworm-slim) proxying to bojemoi.me:8443 +- scripts/c2-vpn-init-pki.sh: EasyRSA PKI init (CA + server cert + lab-manager client) +- scripts/provision-redirector.sh: Fly.io redirector provisioning +- scripts/c2-manage.sh: start/stop/list/delete management script +- cloud-init/redirector-template.yaml: VPS cloud-init template + +Architecture: Implants → Redirectors → bojemoi.me:8443 → VPN → 192.168.1.x:4444 + +Borodino image split: +- Dockerfile.borodino: lightweight Alpine (ak47 + bm12, ~150 MB, no MSF) +- Dockerfile.borodino-msf: full Ruby+MSF image (uzi + msf-teamserver, ~4 GB) +- start_msf_server.sh: msfrpcd teamserver on 0.0.0.0:55553 (shared by all uzi workers) +- start_uzi.sh: MSF_HOST support (local vs remote teamserver) +- thearm_uzi: _pick_redirector() reads C2_REDIRECTORS env, MSF_HOST configurable + +Stack borodino: +- New msf-teamserver service (1 replica worker, borodino-msf image) +- uzi-service: MSF_HOST=msf-teamserver, C2_REDIRECTORS=37.16.12.4 +- ak47/bm12: now use lightweight borodino image + +Remove discovery service (breachforum scraper deprecated) +volumes/c2-vpn/.gitignore: exclude PKI keys/certs from git + +Co-Authored-By: Claude Sonnet 4.6 + +### Files Changed + +``` +M borodino/Dockerfile.borodino +A borodino/Dockerfile.borodino-msf +A borodino/start_msf_server.sh +M borodino/start_uzi.sh +M borodino/thearm_uzi +A cloud-init/redirector-template.yaml +D discovery/Dockerfile 
+D discovery/breachforum_discovery_api.py +D discovery/breachforum_onion_discovery.py +D discovery/entrypoint.sh +A redirector/Dockerfile +A redirector/c2-proxy.conf +A redirector/nginx.conf +D scripts/Dockerfile.discovery +D scripts/breachforum_discovery_api.py +D scripts/breachforum_onion_discovery.py +A scripts/c2-manage.sh +A scripts/c2-vpn-init-pki.sh +D scripts/docker-compose.discovery.yml +A scripts/provision-redirector.sh +M stack/40-service-borodino.yml +D stack/66-service-discovery.yml +A volumes/c2-vpn/.gitignore +A volumes/c2-vpn/README.md +``` + +### Diff Summary + +``` + borodino/Dockerfile.borodino | 62 +--- + borodino/Dockerfile.borodino-msf | 58 ++++ + borodino/start_msf_server.sh | 51 +++ + borodino/start_uzi.sh | 68 ++-- + borodino/thearm_uzi | 84 ++++- + cloud-init/redirector-template.yaml | 317 ++++++++++++++++++ + discovery/Dockerfile | 35 -- + discovery/breachforum_discovery_api.py | 259 --------------- + discovery/breachforum_onion_discovery.py | 529 ------------------------------- + discovery/entrypoint.sh | 33 -- + redirector/Dockerfile | 33 ++ + redirector/c2-proxy.conf | 39 +++ + redirector/nginx.conf | 43 +++ + scripts/Dockerfile.discovery | 34 -- + scripts/breachforum_discovery_api.py | 259 --------------- + scripts/breachforum_onion_discovery.py | 421 ------------------------ + scripts/c2-manage.sh | 415 ++++++++++++++++++++++++ + scripts/c2-vpn-init-pki.sh | 255 +++++++++++++++ + scripts/docker-compose.discovery.yml | 99 ------ + scripts/provision-redirector.sh | 91 ++++++ + stack/40-service-borodino.yml | 76 ++++- + stack/66-service-discovery.yml | 73 ----- + volumes/c2-vpn/.gitignore | 6 + + volumes/c2-vpn/README.md | 46 +++ + 24 files changed, 1559 insertions(+), 1827 deletions(-) +```
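Review bot: The Description section of the new post copies the commit message verbatim, so it publishes live infrastructure values: `C2_REDIRECTORS=37.16.12.4`, the `bojemoi.me:8443` upstream, the `192.168.1.x:4444` internal listener and the `0.0.0.0:55553` msfrpcd bind. If this content directory is rendered to a public site, replace those values with placeholders in the post generator (for example `C2_REDIRECTORS=<redirector-ip>`) or drop the Description body for commits that touch `stack/` and `redirector/`. Separately, the front matter `summary: "Commit 9eb4c92 par Betty dans bojemoi"` is in French while the title, headings and tags are English; pick one language in the template. The metadata table also has an empty header row (`| | |`), which some Markdown renderers display as a blank heading line; labelling the columns (for example Field and Value) avoids that.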