POC: Returning the http server location instead of the C2 connection string in the agent profile #31

Draft
wants to merge 1 commit into
base: master

mrengstrom
Contributor

Description

A fix for the behavior seen in mitre/caldera#2165
The way things currently run, the C2 connection string is what gets returned in the agent profile to the server, which is used to construct the agent object. The C2 string is nice to have, but places of replacement of #{server} in abilities are expecting the http server, so that seems the more appropriate value to send back.

Ideally we would send back both the http server and the connection strings, so that we could send payloads back and initialize agents with the same C2 channels. This all is more involved as P2P agents beacon in as upstream agents will have to implement web servers for file uploads and C2 channels for communications (all this work is done already for sandcat and it works in this specific way).

Type of change

Please delete options that are not relevant.

  • Bug fix (non-breaking change which fixes an issue)

How Has This Been Tested?

Tested the same scenario as the issue, and was able to reproduce it, then implement a fix that populates out the ability values correctly.

Checklist:

  • My code follows the style guidelines of this project
  • I have performed a self-review of my own code
  • [NA] I have made corresponding changes to the documentation
  • [NA] I have added tests that prove my fix is effective or that my feature works

mrengstrom added the "bug" (Something isn't working) and "needs investigation" (look into this and validate it's a bug) labels on Jun 25, 2021
wbooth marked this pull request as draft on July 9, 2021 15:01