final updates to version 2.2.7

its-a-feature · Jun 22, 2021 · ce72d7e · ce72d7e
1 parent edd0caf
commit ce72d7e
Show file tree

Hide file tree

Showing 26 changed files with 826 additions and 94 deletions.
diff --git a/README.md b/README.md
@@ -9,7 +9,7 @@ A cross-platform, post-exploit, red teaming framework built with python3, docker
 * Objective By the Sea 2019 talk on JXA: https://objectivebythesea.com/v2/talks/OBTS_v2_Thomas.pdf  
 * Objective By the sea 2019 Video: https://www.youtube.com/watch?v=E-QEsGsq3uI&list=PLliknDIoYszvTDaWyTh6SYiTccmwOsws8&index=17  
 
-* Current Version: 2.2.6
+* Current Version: 2.2.7
 
 ## Installing Agents and C2 Profiles
 

diff --git a/hasura-docker/metadata/tables.yaml b/hasura-docker/metadata/tables.yaml
@@ -4890,6 +4890,10 @@
 - table:
     schema: public
     name: taskartifact
+  configuration:
+    custom_root_fields: {}
+    custom_column_names:
+      artifact_instance: artifact_instance_raw
   object_relationships:
   - name: artifact
     using:
@@ -4900,6 +4904,12 @@
   - name: task
     using:
       foreign_key_constraint_on: task_id
+  computed_fields:
+  - name: artifact_instance_text
+    definition:
+      function:
+        schema: public
+        name: taskartifact_artifact_instance
   select_permissions:
   - role: developer
     permission:
@@ -4911,6 +4921,8 @@
       - artifact_id
       - operation_id
       - host
+      computed_fields:
+      - artifact_instance_text
       filter:
         _or:
         - operation_id:
@@ -4922,13 +4934,15 @@
   - role: mythic_admin
     permission:
       columns:
+      - id
+      - task_id
+      - timestamp
       - artifact_instance
       - artifact_id
-      - id
       - operation_id
-      - task_id
       - host
-      - timestamp
+      computed_fields:
+      - artifact_instance_text
       filter:
         _or:
         - operation_id:
@@ -4940,13 +4954,15 @@
   - role: operation_admin
     permission:
       columns:
+      - id
+      - task_id
+      - timestamp
       - artifact_instance
       - artifact_id
-      - id
       - operation_id
-      - task_id
       - host
-      - timestamp
+      computed_fields:
+      - artifact_instance_text
       filter:
         _or:
         - operation_id:
@@ -4958,13 +4974,15 @@
   - role: operator
     permission:
       columns:
+      - id
+      - task_id
+      - timestamp
       - artifact_instance
       - artifact_id
-      - id
       - operation_id
-      - task_id
       - host
-      - timestamp
+      computed_fields:
+      - artifact_instance_text
       filter:
         _or:
         - operation_id:
@@ -4976,13 +4994,15 @@
   - role: spectator
     permission:
       columns:
+      - id
+      - task_id
+      - timestamp
       - artifact_instance
       - artifact_id
-      - id
       - operation_id
-      - task_id
       - host
-      - timestamp
+      computed_fields:
+      - artifact_instance_text
       filter:
         _or:
         - operation_id:

diff --git a/mythic-docker/app/__init__.py b/mythic-docker/app/__init__.py
@@ -46,7 +46,7 @@
 listen_ip = "0.0.0.0"
 # if log_size > 0, rotate and make a max of max_log_count files to hold logs
 max_log_count = 1
-valid_payload_container_version_bounds = [6, 7]
+valid_payload_container_version_bounds = [8, 8]
 valid_c2_container_version_bounds = [3, 3]
 valid_translation_container_version_bounds = [3, 3]
 valid_restful_scripting_bounds = [3, 3]

diff --git a/mythic-docker/app/api/payloads_api.py b/mythic-docker/app/api/payloads_api.py
@@ -708,18 +708,16 @@ async def write_payload(uuid, user, data):
     result = await send_pt_rabbitmq_message(
         payload.payload_type.ptype,
         "create_payload_with_code",
-        base64.b64encode(
-            js.dumps(
-                {
-                    "build_parameters": build_parameters,
-                    "commands": commands,
-                    "selected_os": data["selected_os"],
-                    "c2_profile_parameters": c2_profile_parameters,
-                    "uuid": payload.uuid,
-                    "wrapped_payload": wrapped_payload,
-                }
-            ).encode("utf-8")
-        ).decode("utf-8"),
+        js.dumps(
+            {
+                "build_parameters": build_parameters,
+                "commands": commands,
+                "selected_os": data["selected_os"],
+                "c2_profile_parameters": c2_profile_parameters,
+                "uuid": payload.uuid,
+                "wrapped_payload": wrapped_payload,
+            }
+        ),
         user["username"],
         payload.uuid
     )

diff --git a/mythic-docker/app/api/task_api.py b/mythic-docker/app/api/task_api.py
@@ -887,7 +887,7 @@ async def add_task_to_callback_func(data, cid, op, cb):
                 operator=op,
                 command=cmd,
                 token=token,
-                params=data["params"],
+                params=data["original_params"],
                 original_params=data["original_params"],
                 display_params=data["original_params"],
                 parent_task=data["parent_task"] if "parent_task" in data else None,
@@ -898,7 +898,7 @@ async def add_task_to_callback_func(data, cid, op, cb):
             )
             if "tags" in data:
                 await add_tags_to_task(task, data["tags"])
-            result = await submit_task_to_container(task, op.username)
+            result = await submit_task_to_container(task, op.username, data["params"])
         else:
             return {
                 "status": "error",
@@ -1218,7 +1218,7 @@ async def reissue_task_for_down_container(request, user):
         return json({"status": "error", "error": "Failed to find components"})
 
 
-async def submit_task_to_container(task, username):
+async def submit_task_to_container(task, username, params: str = None):
     if (
             task.callback.registered_payload.payload_type.last_heartbeat
             < datetime.utcnow() + timedelta(seconds=-30)
@@ -1237,12 +1237,14 @@ async def submit_task_to_container(task, username):
         rabbit_message["task"]["callback"]["c2info"] = payload_info["c2info"]
         tags = await app.db_objects.execute(db_model.tasktag_query.where(db_model.TaskTag.task == task))
         rabbit_message["task"]["tags"] = [t.tag for t in tags]
+        if params is not None:
+            rabbit_message["params"] = params
         rabbit_message["task"]["token"] = task.token.to_json() if task.token is not None else None
         # by default tasks are created in a preprocessing state,
         result = await send_pt_rabbitmq_message(
             task.callback.registered_payload.payload_type.ptype,
             "command_transform",
-            base64.b64encode(js.dumps(rabbit_message).encode()).decode("utf-8"),
+            js.dumps(rabbit_message),
             username,
             task.id
         )
@@ -1285,7 +1287,7 @@ async def submit_task_callback_to_container(task: Task, function_name: str, user
         result = await send_pt_rabbitmq_message(
             task.callback.registered_payload.payload_type.ptype,
             "task_callback_function",
-            base64.b64encode(js.dumps(rabbit_message).encode()).decode("utf-8"),
+            js.dumps(rabbit_message),
             username,
             task.id
         )

diff --git a/mythic-docker/app/database_models/model.py b/mythic-docker/app/database_models/model.py
@@ -2892,6 +2892,20 @@ def pg_created_response_text_field():
  STABLE
 AS $function$
   SELECT convert_from(fileobj_row.full_path, 'utf8')
+$function$"""
+    func_artifact_instance = """CREATE OR REPLACE FUNCTION public.taskartifact_artifact_instance(taskartifact_row taskartifact)
+ RETURNS text
+ LANGUAGE sql
+ STABLE
+AS $function$
+  SELECT convert_from(taskartifact_row.artifact_instance, 'utf8')
+$function$"""
+    func_credential = """CREATE OR REPLACE FUNCTION public.credential_credentials(credential_row credential)
+ RETURNS text
+ LANGUAGE sql
+ STABLE
+AS $function$
+  SELECT convert_from(credential_row.credential, 'utf8')
 $function$"""
     try:
         mythic_db.execute_sql(func_response_response)
@@ -2900,7 +2914,8 @@ def pg_created_response_text_field():
         mythic_db.execute_sql(func_fileobj_name)
         mythic_db.execute_sql(func_fileobj_parent_path)
         mythic_db.execute_sql(func_fileobj_full_path)
-
+        mythic_db.execute_sql(func_artifact_instance)
+        mythic_db.execute_sql(func_credential)
     except Exception as e:
         print(e)
 

diff --git a/mythic-docker/app/templates/base.html b/mythic-docker/app/templates/base.html
@@ -730,7 +730,7 @@ <h6 class="dropdown-header">Operational Feeds</h6>
               </li>
           </ul>
         </span>
-      <font size="4" style="float:right;padding-right:10px">v2.2.6</font>
+      <font size="4" style="float:right;padding-right:10px">v2.2.7</font>
       {% endif %}
   </div>
 </nav>

diff --git a/mythic-react-docker/mythic/src/components/pages/Callbacks/C2PathDialog.js b/mythic-react-docker/mythic/src/components/pages/Callbacks/C2PathDialog.js
@@ -7,6 +7,7 @@ import * as d3 from 'd3';
 import {createContextMenu} from './D3ContextMenu';
 import dagreD3 from 'dagre-d3';
 import {muiTheme} from '../../../themes/Themes.js';
+import { autoType } from 'd3';
 
 export function C2PathDialog(props) {
     const dagreRef = useRef(null);   

diff --git a/mythic-react-docker/mythic/src/components/pages/Callbacks/Callbacks.js b/mythic-react-docker/mythic/src/components/pages/Callbacks/Callbacks.js
@@ -36,16 +36,19 @@ subscription CallbacksSubscription ($operation_id: Int!){
     agent_callback_id
     operation_id
     payload {
+      os
       payloadtype {
         ptype
         id
       }
+      id
     }
     callbacktokens(where: {deleted: {_eq: false}}) {
       token {
         TokenId
         id
       }
+      id
     }
   }
 }
@@ -151,7 +154,9 @@ export function Callbacks(props){
         if(!found){
             for(let i = 0; i < data.callback.length; i++){
               if(data.callback[i]["id"] === callbackID){
-                const tabs = [...openTabs, {tabID, tabType, callbackID, payloadtype: data.callback[i]["payload"]["payloadtype"]["ptype"]}];
+                const tabs = [...openTabs, {tabID, tabType, callbackID, 
+                    payloadtype: data.callback[i]["payload"]["payloadtype"]["ptype"],
+                    os: data.callback[i]["payload"]["os"]}];
                 setOpenTabs(tabs);
               }
             }

diff --git a/mythic-react-docker/mythic/src/components/pages/Callbacks/CallbacksTable.js b/mythic-react-docker/mythic/src/components/pages/Callbacks/CallbacksTable.js
@@ -14,6 +14,9 @@ import Tooltip from '@material-ui/core/Tooltip';
 import VisibilityOffOutlinedIcon from '@material-ui/icons/VisibilityOffOutlined';
 import {ThemeContext} from 'styled-components';
 import { useContext} from 'react';
+import {hideCallbackMutation} from './CallbackMutations';
+import {snackActions} from '../../utilities/Snackbar';
+import {useMutation } from '@apollo/client';
 
 const useToolbarStyles = makeStyles((theme) => ({
   root: {
@@ -39,7 +42,6 @@ const EnhancedTableToolbar = (props) => {
   const classes = useToolbarStyles();
   const theme = useContext(ThemeContext);
   const { numSelected } = props;
-
   return (
     <React.Fragment>
         {numSelected > 1 ? (
@@ -49,7 +51,7 @@ const EnhancedTableToolbar = (props) => {
                 {numSelected} selected
               </Typography>
               <Tooltip title="Hide Selected">
-                <IconButton aria-label="hide">
+                <IconButton aria-label="hide" onClick={props.onHideSelected}>
                   <VisibilityOffOutlinedIcon />
                 </IconButton>
               </Tooltip>
@@ -130,6 +132,27 @@ export function CallbacksTable(props){
         setOrder(isAsc ? 'desc' : 'asc');
         setOrderBy(property);
       };
+      const [hideCallback] = useMutation(hideCallbackMutation, {
+        update: (cache, {data}) => {
+            if(data.updateCallback.status === "success"){
+                snackActions.success("Hiding callback");
+            }else{
+                snackActions.warning(data.updateCallback.error);
+            }
+
+        },
+        onError: data => {
+            console.log(data);
+        }
+    });
+    const hideSelected = () => {
+      for(let i = 0; i < props.callbacks.length; i++){
+        if(selected.includes(props.callbacks[i]["id"])){
+          hideCallback({variables: {callback_id: props.callbacks[i]["id"]}});
+        }
+      }
+      //
+    }
     const tableHeadCells = [
         {id: "id", numeric: true, disablePadding: false, label: "Interact"},
         {id: "ip", numeric: false, disablePadding: false, label: "IP"},
@@ -147,7 +170,7 @@ export function CallbacksTable(props){
     return (
         <div>  
             <TableContainer component={Paper} className="mythicElement" style={{"maxWidth": "100%", "overflow": "auto", height: "calc(" + props.topHeight + "vh)"}}>
-                <EnhancedTableToolbar numSelected={selected.length}/>
+                <EnhancedTableToolbar numSelected={selected.length} onHideSelected={hideSelected}/>
                 <Table size="small" >
                     <EnhancedTableHead numSelected={selected.length} rowCount={props.callbacks.length} classes={classes} headCells={tableHeadCells} onSelectAllClick={handleSelectAllClick} onRequestSort={handleRequestSort} orderBy={orderBy} order={order}/>
                     <TableBody >
-Original file line number
+Diff line change
@@ Expand Up / @@ -730,7 +730,7 @@ <h6 class="dropdown-header">Operational Feeds</h6> @@
                   </li>
               </ul>
             </span>
-          <font size="4" style="float:right;padding-right:10px">v2.2.6</font>
+          <font size="4" style="float:right;padding-right:10px">v2.2.7</font>
           {% endif %}
       </div>
     </nav>
@@ Expand Down @@