Implemented dynamic sleepmask configuration command.

Jakob Friedl
2025-09-19 10:11:20 +02:00
parent 971bb6c8df
commit 3173122878
4 changed files with 65 additions and 29 deletions


@@ -5,10 +5,10 @@ Collapsed=0
DockId=0x00000003,0 DockId=0x00000003,0
[Window][Listeners] [Window][Listeners]
Pos=10,402 Pos=10,43
Size=1888,587 Size=1477,357
Collapsed=0 Collapsed=0
DockId=0x00000007,0 DockId=0x00000003,1
[Window][Eventlog] [Window][Eventlog]
Pos=1489,43 Pos=1489,43
@@ -17,10 +17,10 @@ Collapsed=0
DockId=0x00000004,0 DockId=0x00000004,0
[Window][Dear ImGui Demo] [Window][Dear ImGui Demo]
Pos=10,402 Pos=1489,43
Size=1888,587 Size=409,357
Collapsed=0 Collapsed=0
DockId=0x00000007,1 DockId=0x00000004,1
[Window][Dockspace] [Window][Dockspace]
Pos=0,0 Pos=0,0
@@ -31,13 +31,13 @@ Collapsed=0
Pos=956,326 Pos=956,326
Size=942,663 Size=942,663
Collapsed=0 Collapsed=0
DockId=0x00000008,0 DockId=0x00000002,0
[Window][[C9D8E7F6] charlie@SERVER-03] [Window][[C9D8E7F6] charlie@SERVER-03]
Pos=956,326 Pos=10,402
Size=942,663 Size=1888,587
Collapsed=0 Collapsed=0
DockId=0x00000006,0 DockId=0x00000002,0
[Window][Debug##Default] [Window][Debug##Default]
Pos=60,60 Pos=60,60
@@ -48,19 +48,19 @@ Collapsed=0
Pos=10,402 Pos=10,402
Size=1888,587 Size=1888,587
Collapsed=0 Collapsed=0
DockId=0x00000007,1 DockId=0x00000002,1
[Window][[DEADBEEF] alice@DESKTOP-01] [Window][[DEADBEEF] alice@DESKTOP-01]
Pos=10,402 Pos=10,402
Size=1888,587 Size=1888,587
Collapsed=0 Collapsed=0
DockId=0x00000007,1 DockId=0x00000002,1
[Window][Example: Console] [Window][Example: Console]
Pos=10,572 Pos=10,572
Size=2848,1113 Size=2848,1113
Collapsed=0 Collapsed=0
DockId=0x00000007,2 DockId=0x00000002,2
[Window][Example: Assets Browser] [Window][Example: Assets Browser]
Pos=60,60 Pos=60,60
@@ -135,14 +135,10 @@ Column 2 Weight=0.4873
Column 3 Weight=0.9746 Column 3 Weight=0.9746
[Docking][Data] [Docking][Data]
DockNode ID=0x00000009 Pos=100,200 Size=754,103 Selected=0x64D005CF DockNode ID=0x00000009 Pos=100,200 Size=754,103 Selected=0x64D005CF
DockSpace ID=0x85940918 Window=0x260A4489 Pos=10,43 Size=1888,946 Split=Y DockSpace ID=0x85940918 Window=0x260A4489 Pos=10,43 Size=1888,946 Split=Y
DockNode ID=0x00000001 Parent=0x85940918 SizeRef=1024,357 Split=X DockNode ID=0x00000001 Parent=0x85940918 SizeRef=1024,357 Split=X
DockNode ID=0x00000003 Parent=0x00000001 SizeRef=613,159 CentralNode=1 Selected=0x61E02D75 DockNode ID=0x00000003 Parent=0x00000001 SizeRef=613,159 CentralNode=1 Selected=0x61E02D75
DockNode ID=0x00000004 Parent=0x00000001 SizeRef=409,159 Selected=0x0FA43D88 DockNode ID=0x00000004 Parent=0x00000001 SizeRef=409,159 Selected=0x5E5F7166
DockNode ID=0x00000002 Parent=0x85940918 SizeRef=1024,587 Split=X Selected=0x8D780333 DockNode ID=0x00000002 Parent=0x85940918 SizeRef=1024,587 Selected=0x65D642C0
DockNode ID=0x00000005 Parent=0x00000002 SizeRef=944,663 Split=X Selected=0x8D780333
DockNode ID=0x00000007 Parent=0x00000005 SizeRef=944,663 Selected=0x6BE22050
DockNode ID=0x00000008 Parent=0x00000005 SizeRef=942,663 Selected=0x4AD091E6
DockNode ID=0x00000006 Parent=0x00000002 SizeRef=942,663 Selected=0x65D642C0


@@ -12,16 +12,13 @@ type
protocol: int32 protocol: int32
protocols: seq[string] protocols: seq[string]
proc getProtocols(): seq[string] =
for p in Protocol.low .. Protocol.high:
result.add($p)
proc ListenerModal*(): ListenerModalComponent = proc ListenerModal*(): ListenerModalComponent =
result = new ListenerModalComponent result = new ListenerModalComponent
zeroMem(addr result.address[0], 256) zeroMem(addr result.address[0], 256)
result.port = DEFAULT_PORT result.port = DEFAULT_PORT
result.protocol = 0 result.protocol = 0
result.protocols = getProtocols() for p in Protocol.low .. Protocol.high:
result.protocols.add($p)
proc resetModalValues(component: ListenerModalComponent) = proc resetModalValues(component: ListenerModalComponent) =
zeroMem(addr component.address[0], 256) zeroMem(addr component.address[0], 256)


@@ -49,6 +49,7 @@ type
CMD_UPLOAD = 14'u16 CMD_UPLOAD = 14'u16
CMD_SCREENSHOT = 15'u16 CMD_SCREENSHOT = 15'u16
CMD_DOTNET = 16'u16 CMD_DOTNET = 16'u16
CMD_SLEEPMASK = 17'u16
ModuleType* = enum ModuleType* = enum
MODULE_ALL = 1'u32 MODULE_ALL = 1'u32


@@ -2,6 +2,7 @@ import ../common/[types, utils]
# Define function prototype # Define function prototype
proc executeSleep(ctx: AgentCtx, task: Task): TaskResult proc executeSleep(ctx: AgentCtx, task: Task): TaskResult
proc executeSleepmask(ctx: AgentCtx, task: Task): TaskResult
# Module definition # Module definition
let module* = Module( let module* = Module(
@@ -11,12 +12,23 @@ let module* = Module(
Command( Command(
name: protect("sleep"), name: protect("sleep"),
commandType: CMD_SLEEP, commandType: CMD_SLEEP,
description: protect("Update sleep delay configuration."), description: protect("Update sleep delay settings."),
example: protect("sleep 5"), example: protect("sleep 5"),
arguments: @[ arguments: @[
Argument(name: protect("delay"), description: protect("Delay in seconds."), argumentType: INT, isRequired: true) Argument(name: protect("delay"), description: protect("Delay in seconds."), argumentType: INT, isRequired: true)
], ],
execute: executeSleep execute: executeSleep
),
Command(
name: protect("sleepmask"),
commandType: CMD_SLEEPMASK,
description: protect("Update sleepmask settings."),
example: protect("sleepmask ekko true"),
arguments: @[
Argument(name: protect("technique"), description: protect("Sleep obfuscation technique (NONE, EKKO, ZILEAN, FOLIAGE). Executing without arguments retrieves current sleepmask settings."), argumentType: STRING, isRequired: false),
Argument(name: protect("spoof"), description: protect("Use stack spoofing to obfuscate the call stack."), argumentType: BOOL, isRequired: false)
],
execute: executeSleepmask
) )
] ]
) )
@@ -24,6 +36,7 @@ let module* = Module(
# Implement execution functions # Implement execution functions
when defined(server): when defined(server):
proc executeSleep(ctx: AgentCtx, task: Task): TaskResult = nil proc executeSleep(ctx: AgentCtx, task: Task): TaskResult = nil
proc executeSleepmask(ctx: AgentCtx, task: Task): TaskResult = nil
when defined(agent): when defined(agent):
@@ -45,3 +58,32 @@ when defined(agent):
except CatchableError as err: except CatchableError as err:
return createTaskResult(task, STATUS_FAILED, RESULT_STRING, string.toBytes(err.msg)) return createTaskResult(task, STATUS_FAILED, RESULT_STRING, string.toBytes(err.msg))
proc executeSleepmask(ctx: AgentCtx, task: Task): TaskResult =
try:
echo fmt" [>] Updating sleepmask settings."
case int(task.argCount):
of 0:
# Retrieve sleepmask settings
let response = fmt"Sleepmask settings: Technique: {$ctx.sleepTechnique}, Delay: {$ctx.sleep}ms, Stack spoofing: {$ctx.spoofStack}" & "\n"
return createTaskResult(task, STATUS_COMPLETED, RESULT_STRING, string.toBytes(response))
of 1:
# Only set the sleepmask technique
let technique = parseEnum[SleepObfuscationTechnique](Bytes.toString(task.args[0].data).toUpperAscii())
ctx.sleepTechnique = technique
else:
# Set sleepmask technique and stack-spoofing configuration
let technique = parseEnum[SleepObfuscationTechnique](Bytes.toString(task.args[0].data).toUpperAscii())
ctx.sleepTechnique = technique
let spoofStack = cast[bool](task.args[1].data[0]) # BOOLEAN values are just 1 byte
ctx.spoofStack = spoofStack
return createTaskResult(task, STATUS_COMPLETED, RESULT_NO_OUTPUT, @[])
except CatchableError as err:
return createTaskResult(task, STATUS_FAILED, RESULT_STRING, string.toBytes(err.msg))
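Review bot: In the two-argument branch of `executeSleepmask`, `cast[bool](task.args[1].data[0])` reads the first byte without checking that the argument carries any data, and it reinterprets the raw byte instead of testing it. If `data` is a seq and arrives empty, the index raises an `IndexDefect`, which the `except CatchableError` handler below does not catch, so the failure is never reported as `STATUS_FAILED`; a byte other than 0 or 1 also yields a `bool` outside its valid range. I would write `let spoofStack = task.args[1].data.len > 0 and task.args[1].data[0] != 0` (or raise a `ValueError` on an empty argument) and evaluate it before assigning `ctx.sleepTechnique`, so a malformed second argument does not leave the settings half-updated. Separately, the zero-argument response labels `ctx.sleep` as `ms` while the `sleep` command documents its delay as "Delay in seconds."; the unit of `ctx.sleep` is not visible in this hunk, so the label should be confirmed.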