Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Implement install subcommand #393

Merged
merged 9 commits into from
Dec 17, 2023
Merged

Implement install subcommand #393

merged 9 commits into from
Dec 17, 2023

Conversation

hulto
Copy link
Collaborator

@hulto hulto commented Dec 10, 2023
edited

What type of PR is this?

/kind feature

What this PR does / why we need it:

This PR allows you to use the imix install subcommand.
The install subcommand executes embedded tomes similar to golem.
It will loop through all embedded files looking for main.eld
Each main.eld will execute in a new thread. This is done to allow imix to install redundantly or install additional (non dependent) tools.

The install subcommand makes allows some variables to be passed form the user into the tomes through the -c flag.
When specified input_params['custom_config'] is set to the file path of the config specified Eg.
./imix install -c /tmp/imix-config.json will result in input_params['custom_config'] = "/tmp/imix-config.json

Tomes can parse this with the following:

def main():
    if 'custom_config' in input_params:
        config_data = crypto.from_json(file.read(input_params['custom_config']))
        print(config_data)

A default install option is provided in this PR (sans windows). This option will install the imix agent as a service.

The install subcommand help

imix-install 
Run in install mode

USAGE:
    imix install [OPTIONS]

OPTIONS:
    -c, --config    Sets a custom config file
    -h, --help      Print help information

An example service config

{
    "service_configs": [
        {
            "name": "imix",
            "description": "Imix c2 agent",
            "executable_name": "imix",
            "executable_args": ""
        }
    ],
    "target_forward_connect_ip": "127.0.0.1",
    "target_name": "test1234",
    "callback_config": {
        "interval": 4,
        "jitter": 1,
        "timeout": 4,
        "c2_configs": [
            {
                "priority": 1,
                "uri": "http://127.0.0.1:80/grpc"
            }
        ]
    }
}

Which issue(s) this PR fixes:

Fixes #374

@hulto hulto linked an issue Dec 10, 2023 that may be closed by this pull request
Implement a default install option #374
Closed
@codecov Codecov
Copy link

codecov bot commented Dec 10, 2023
edited

Codecov Report

Attention: 58 lines in your changes are missing coverage. Please review.

Comparison is base (aa79fe9) 68.72% compared to head (a4df372) 71.52%.

Files Patch % Lines
implants/imix/src/install.rs 44.82% 48 Missing ⚠️
implants/imix/src/main.rs 0.00% 10 Missing ⚠️
Additional details and impacted files 
@@            Coverage Diff             @@
##             main     #393      +/-   ##
==========================================
+ Coverage   68.72%   71.52%   +2.79%     
==========================================
  Files         108      109       +1     
  Lines        7367     8027     +660     
==========================================
+ Hits         5063     5741     +678     
+ Misses       2195     2177      -18     
  Partials      109      109

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@hulto
Copy link
Collaborator Author

hulto commented Dec 11, 2023

Use #[cfg(windows)] and #[cfg(not(windows))] to define different LOADER_BYTES vars.

jabbate19
jabbate19 approved these changes Dec 17, 2023
View reviewed changes
Copy link
Collaborator

@jabbate19 jabbate19 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, one small opinion

implants/lib/eldritch/src/file.rs
@@ -150,7 +150,7 @@ fn methods(builder: &mut MethodsBuilder) {
remove_impl::remove(path)?;
Ok(NoneType{})
}
fn rename(this: FileLibrary, old: String, new: String) -> anyhow::Result<NoneType> {
fn moveto(this: FileLibrary, old: String, new: String) -> anyhow::Result<NoneType> {
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Imo move looks/sounds better, but up to you.

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ope - tried to make this change.
We made it moveto since move is a restricted word in rust.
So can't have functions named move. 💀

implants/lib/eldritch/src/lib.rs
@@ -221,7 +221,7 @@ mod tests {
a.globals(globals);
a.all_true(
r#"
dir(file) == ["append", "compress", "copy", "download", "exists", "hash", "is_dir", "is_file", "list", "mkdir", "read", "remove", "rename", "replace", "replace_all", "template", "timestomp", "write"]
dir(file) == ["append", "compress", "copy", "download", "exists", "hash", "is_dir", "is_file", "list", "mkdir", "moveto", "read", "remove", "replace", "replace_all", "template", "timestomp", "write"]
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

move/moveto

@hulto hulto merged commit 7819591 into main Dec 17, 2023
7 of 8 checks passed
@hulto hulto deleted the 374-implement-a-default-install-option branch December 17, 2023 19:14
KCarretto pushed a commit that referenced this pull request Feb 1, 2024
@hulto
fafb61f 
 
Implement install subcommand (#393)

* Allow imix install through tomes.

* fix moveto test.

* Fix loader cross compile.

* Build docs updated.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jabbate19 jabbate19 jabbate19 approved these changes

@Cictrone Cictrone Awaiting requested review from Cictrone

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Implement a default install option
2 participants
@hulto @jabbate19