Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Unable to deploy agents & minor bug on Create an Ability #2348

Closed
radioheado opened this issue Nov 3, 2021 · 7 comments
Closed

Unable to deploy agents & minor bug on Create an Ability #2348

radioheado opened this issue Nov 3, 2021 · 7 comments
Assignees
@cyber-arsenull @wbooth
Labels
bug no-issue-activity

Comments

@radioheado
Copy link

radioheado commented Nov 3, 2021
edited
Loading

Describe the bug
There's an open issue similar to my problem #2347 but that user uses a different platform and didn't provide clear instructions on how to reproduce. Thus I chose to open a new issue to describe my situation in detail.

To Reproduce
I installed 4.0.0-alpha and used git pull to get the updates because I wanted to test an older issue #2315 opened by me as well which just got fixed.

Steps to reproduce behavior 1 (unable to deploy agents):

  1. git clone https://github.com/mitre/caldera.git --recursive --branch 4.0.0-alpha
  2. cd caldera
  3. git pull https://github.com/mitre/caldera.git
  4. sudo pip3 install -r requirements.txt
  5. python3 server.py -l DEBUG
  6. Log in with red credential
  7. Deploy a 54ndc47 (Sandcat) agent using Linux platform. The command is server="http://0.0.0.0:8888";curl -s -X POST -H "file:sandcat.go" -H "platform:linux" $server/file/download > splunkd;chmod +x splunkd;./splunkd -server $server -group red -v
  8. Outside of CALDERA, open a terminal window with a shell.
  9. Paste the command into the shell and execute it.

The error message produced by the server when doing step 5 is shown in Screenshot 1. Screenshot 2 shows information after executing the command at step 7.

Another bug is on Create an Ability.
Steps to reproduce behavior 2 (Create an Ability):

  1. Click abilities
  2. Click + Create an Ability
  3. Fill out the needed information before + Add Cleanup Command
  4. Click + Add Cleanup Command and the window will be closed immediately, as well as all the tabs already opened

As I mentioned in the title that this is a minor bug because I can still add cleanup commands by doing these steps again. The best way to do this is to click Save after step 3, so all the information you just entered will be saved and you don't need to do it again after the crash.

Screenshots
Screenshot 1:
image

Screenshot 2:
image

Desktop (please complete the following information):

  • OS: Ubuntu 20.04.2 LTS
  • Browser: Firefox
  • Version 4.0.0-alpha with git pull

Additional context
Add any other context about the problem here.
@radioheado radioheado added the bug label Nov 3, 2021
@cyber-arsenull
Copy link
Contributor

I was able to reproduce this on Ubuntu 20 and Windows using the steps provided. I will try to take a closer look and see, thank you for the detailed report!

@cyber-arsenull cyber-arsenull self-assigned this Nov 4, 2021
@cyber-arsenull cyber-arsenull mentioned this issue Nov 4, 2021
Closed
@cyber-arsenull
Copy link
Contributor

This is due to origin_link_id being a String in the AgentFieldsSchema:

origin_link_id = ma.fields.String()

However in the agent it is being used as an integer in sandcat.go

originLinkID := flag.Int("originLinkID", 0, "Optionally set originating link ID")

I'm not quite sure how this error is only showing up now...
Seems that some months ago origin_link_id got changed to string from int in the server to match UUID link ID fromat.

@wbooth We can change the agent to use "0" instead as a default. And/or we can sanitize the beacon on the server-side (change ints to strings). Probably the former.

@cyber-arsenull
Copy link
Contributor

This is actually already fixed in the agent (gocat) #59, and is simply an issue of sandcat not referencing the correct gocat version (and then caldera not referencing the correct sandcat version)

@radioheado if you navigate into caldera/plugins/sandcat/gocat and do git checkout master and git pull you should be good to go.

@radioheado
Copy link
Author

git checkout master

Thanks for the quick response. Just tried this and it worked! But here's a new bug when I want to add an ability to an adversary.

Please check the following screenshot:
image

This happened when I clicked + Add Ability under the adversary profile description, no matter what adversary I was opening.
Although I was able to create a new ability as I asked in #2315, I couldn't add it to the Certifiable adversary as the User Certificate instructs.
However, I completed the badge mentioned in #2315 somehow. So I can proceed to the following badges.

To Reproduce

  1. open the adversaries tab
  2. select one adversary
  3. click + Add Ability under the description of the adversary
  4. the popup window will be the same with the screenshot above

@cyber-arsenull cyber-arsenull mentioned this issue Nov 5, 2021
Closed
@cyber-arsenull
Copy link
Contributor

Opened a new issue to track it: #2350
Looks like a name collision in the html file.

@github-actions
Copy link

This issue is stale because it has been open 20 days with no activity. Remove stale label or comment or this will be closed in 5 days

@cyber-arsenull
Copy link
Contributor

This has been resolved with updates to the sandcat / gocat branch tags in CALDERA, please re-open if any of these issues continue.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@cyber-arsenull cyber-arsenull

@wbooth wbooth

Labels
bug no-issue-activity
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@cyber-arsenull @wbooth @radioheado