Implemented generating agent payloads from the ImGui client.

2025-09-27 15:18:45 +02:00
parent ceba377939
commit 47799ee5f5
11 changed files with 86 additions and 56 deletions
--- a/src/client/main.nim
+++ b/src/client/main.nim
@@ -1,6 +1,6 @@
 import whisky
-import tables, strutils, json, parsetoml
-import ./utils/appImGui
+import tables, strutils, strformat, json, parsetoml, base64, os # native_dialogs
+import ./utils/[appImGui, globals]
 import ./views/[dockspace, sessions, listeners, eventlog, console]
 import ../common/[types, utils]
 import ./websocket
@@ -97,7 +97,16 @@ proc main() =
            sessionsTable.agentActivity[event.data["agentId"].getStr()] = event.timestamp

        of CLIENT_AGENT_PAYLOAD: 
-            discard
+            let payload = decode(event.data["payload"].getStr())
+            try: 
+                let outFilePath = fmt"{CONQUEST_ROOT}/bin/monarch.x64.exe"
+
+                # TODO: Using native file dialogs to have the client select the output file path (does not work in WSL) 
+                # let outFilePath = callDialogFileSave("Save Payload") 
+
+                writeFile(outFilePath, payload)
+            except IOError:
+                discard 

        of CLIENT_CONSOLE_ITEM: 
            let agentId = event.data["agentId"].getStr() 
--- a/src/client/views/console.nim
+++ b/src/client/views/console.nim
@@ -205,7 +205,7 @@ proc draw*(component: ConsoleComponent, ws: WebSocket) =
        igText("Press CTRL+F to focus console filter.")
        igText("Use \",\" as a delimiter to filter for multiple values.")
        igText("Use \"-\" to exclude values.")
-        igText("Example: \"-warning,a,b\" returns all lines that do not include \"warning\" but include \"a\" or \"b\".")
+        igText("Example: \"-warning,a,b\" returns all lines that do not include \"warning\" but include either \"a\" or \"b\".")
        igEndTooltip()

    if igIsWindowFocused(ImGui_FocusedFlags_ChildWindows.int32) and io.KeyCtrl and igIsKeyPressed_Bool(ImGuiKey_F, false):
--- a/src/client/views/listeners.nim
+++ b/src/client/views/listeners.nim
@@ -43,7 +43,9 @@ proc draw*(component: ListenersTableComponent, showComponent: ptr bool, ws: WebS
    if listener != nil: 
        ws.sendStartListener(listener)

-    component.generatePayloadModal.draw(component.listeners)
+    let buildInformation = component.generatePayloadModal.draw(component.listeners)
+    if buildInformation != nil:
+        ws.sendAgentBuild(buildInformation)

    #[
        Listener table
--- a/src/client/views/modals/generatePayload.nim
+++ b/src/client/views/modals/generatePayload.nim
@@ -43,7 +43,7 @@ proc resetModalValues(component: AgentModalComponent) =
    component.spoofStack = false 
    component.moduleSelection.reset()

-proc draw*(component: AgentModalComponent, listeners: seq[UIListener]) =
+proc draw*(component: AgentModalComponent, listeners: seq[UIListener]): AgentBuildInformation =

    let textSpacing = igGetStyle().ItemSpacing.x    
    
@@ -114,18 +114,19 @@ proc draw*(component: AgentModalComponent, listeners: seq[UIListener]) =

        if igButton("Build", vec2(availableSize.x * 0.5 - textSpacing * 0.5, 0.0f)):

-            # Get values 
-            echo listeners[component.listener].listenerId
-            echo $component.sleepDelay
-            echo component.sleepMaskTechniques[component.sleepMask]
-            echo $component.spoofStack
-        
            # Iterate over modules
-            var module: uint32 = 0
+            var modules: uint32 = 0
            for m in component.moduleSelection.items[1]: 
-                module = module or uint32(m.moduleType)
-            echo module
+                modules = modules or uint32(m.moduleType)

+            result = AgentBuildInformation(
+                listenerId: listeners[component.listener].listenerId,
+                sleepDelay: component.sleepDelay,
+                sleepTechnique: cast[SleepObfuscationTechnique](component.sleepMask),
+                spoofStack: component.spoofStack,
+                modules: modules
+            )
+            
            component.resetModalValues()
            igCloseCurrentPopup() 
        
--- a/src/client/websocket.nim
+++ b/src/client/websocket.nim
@@ -25,6 +25,20 @@ proc sendStopListener*(ws: WebSocket, listenerId: string) =
    )
    ws.sendEvent(event)

+proc sendAgentBuild*(ws: WebSocket, buildInformation: AgentBuildInformation) = 
+    let event = Event(
+        eventType: CLIENT_AGENT_BUILD,
+        timestamp: now().toTime().toUnix(), 
+        data: %*{
+            "listenerId": buildInformation.listenerId, 
+            "sleepDelay": buildInformation.sleepDelay,
+            "sleepTechnique": cast[uint8](buildInformation.sleepTechnique),
+            "spoofStack": buildInformation.spoofStack,
+            "modules": buildInformation.modules
+        }
+    )
+    ws.sendEvent(event)
+
 # proc sendAgentCommand*(ws: WebSocket, agentId: string, command: string) = 
 #     var packer = Packer.init()