fix handling of BeaconPrintf(CALLBACK_ERROR, 'foo')

payloads/Demon/Include/Core/Command.h

@@ -33,6 +33,9 @@
 #define DEMON_EXIT                      92
 #define DEMON_INITIALIZE                99
 
+#define DEMON_EXCEPTION                 0x98
+#define DEMON_SYMBOL_NOT_FOUND          0x99
+
 #define DOTNET_INFO_AMSI_PATCHED        0x1
 #define DOTNET_INFO_NET_VERSION         0x2
 #define DOTNET_INFO_ENTRYPOINT_EXECUTED 0x3

payloads/Demon/Source/Loader/CoffeeLdr.c

@@ -31,7 +31,7 @@ LONG WINAPI VehDebugger( PEXCEPTION_POINTERS Exception )
     Exception->ContextRecord->Rip = CoffeeFunctionReturn;
 
     PPACKAGE Package = PackageCreate( DEMON_COMMAND_INLINE_EXECUTE );
-    PackageAddInt32( Package, 0x98 );
+    PackageAddInt32( Package, DEMON_EXCEPTION );
     PackageAddInt32( Package, Exception->ExceptionRecord->ExceptionCode );
     PackageAddInt64( Package, Exception->ExceptionRecord->ExceptionAddress );
     PackageTransmit( Package, NULL, NULL );
@@ -116,7 +116,7 @@ PVOID CoffeeProcessSymbol( LPSTR Symbol )
 
 SymbolNotFound:
     Package = PackageCreate( DEMON_COMMAND_INLINE_EXECUTE );
-    PackageAddInt32( Package, 0x99 );
+    PackageAddInt32( Package, DEMON_SYMBOL_NOT_FOUND );
     PackageAddBytes( Package, Symbol, StringLengthA( Symbol ) );
     PackageTransmit( Package, NULL, NULL );
 
@@ -178,7 +178,7 @@ BOOL CoffeeExecuteFunction( PCOFFEE Coffee, PCHAR Function, PVOID Argument, SIZE
 
         PPACKAGE Package = PackageCreate( DEMON_COMMAND_INLINE_EXECUTE );
 
-        PackageAddInt32( Package, 0x99 );
+        PackageAddInt32( Package, DEMON_SYMBOL_NOT_FOUND );
         PackageAddBytes( Package, Function, StringLengthA( Function ) );
         PackageTransmit( Package, NULL, NULL );
     }

teamserver/pkg/agent/commands.go

@@ -43,7 +43,18 @@ const (
 	COMMAND_OUTPUT      = 90
 	COMMAND_ERROR       = 91
 	COMMAND_EXIT        = 92
-	CALLBACK_OUTPUT_OEM = 0x1e
+
+	COMMAND_EXCEPTION        = 0x98
+	COMMAND_SYMBOL_NOT_FOUND = 0x99
+
+	CALLBACK_OUTPUT      = 0x0
+	CALLBACK_OUTPUT_OEM  = 0x1e
+	CALLBACK_ERROR       = 0x0d
+	CALLBACK_OUTPUT_UTF8 = 0x20
+
+	CALLBACK_MSG_GOOD  = 0x90
+	CALLBACK_MSG_INFO  = 0x91
+	CALLBACK_MSG_ERROR = 0x92
 )
 
 const (

teamserver/pkg/agent/demons.go

@@ -2876,13 +2876,20 @@ func (a *Agent) TaskDispatch(CommandID int, Parser *parser.Parser, teamserver Te
 		)
 
 		switch Type {
-		case 0x0:
+		case CALLBACK_OUTPUT:
 			OutputMap["Output"] = string(Parser.ParseBytes())
 			teamserver.AgentConsole(a.NameID, HAVOC_CONSOLE_MESSAGE, OutputMap)
 
 			break
 
-		case 0x90:
+		case CALLBACK_ERROR:
+			OutputMap["Type"] = "Error"
+			OutputMap["Output"] = string(Parser.ParseBytes())
+			teamserver.AgentConsole(a.NameID, HAVOC_CONSOLE_MESSAGE, OutputMap)
+
+			break
+
+		case CALLBACK_MSG_GOOD:
 			var String = Parser.ParseBytes()
 
 			OutputMap["Type"] = "Good"
@@ -2891,7 +2898,7 @@ func (a *Agent) TaskDispatch(CommandID int, Parser *parser.Parser, teamserver Te
 			teamserver.AgentConsole(a.NameID, HAVOC_CONSOLE_MESSAGE, OutputMap)
 			break
 
-		case 0x91:
+		case CALLBACK_MSG_INFO:
 			var String = Parser.ParseBytes()
 
 			OutputMap["Type"] = "Info"
@@ -2900,7 +2907,7 @@ func (a *Agent) TaskDispatch(CommandID int, Parser *parser.Parser, teamserver Te
 			teamserver.AgentConsole(a.NameID, HAVOC_CONSOLE_MESSAGE, OutputMap)
 			break
 
-		case 0x92:
+		case CALLBACK_MSG_ERROR:
 			var String = Parser.ParseBytes()
 
 			OutputMap["Type"] = "Error"
@@ -2909,7 +2916,7 @@ func (a *Agent) TaskDispatch(CommandID int, Parser *parser.Parser, teamserver Te
 			teamserver.AgentConsole(a.NameID, HAVOC_CONSOLE_MESSAGE, OutputMap)
 			break
 
-		case 0x98:
+		case COMMAND_EXCEPTION:
 			var (
 				Exception = Parser.ParseInt32()
 				Address   = Parser.ParseInt64()
@@ -2921,7 +2928,7 @@ func (a *Agent) TaskDispatch(CommandID int, Parser *parser.Parser, teamserver Te
 			teamserver.AgentConsole(a.NameID, HAVOC_CONSOLE_MESSAGE, OutputMap)
 			break
 
-		case 0x99:
+		case COMMAND_SYMBOL_NOT_FOUND:
 			var LibAndFunc = string(Parser.ParseBytes())
 			logger.Debug(hex.Dump(Parser.Buffer()))