Pavlo Khazov
0df36d871e
Read changelog
2025-08-18 16:03:04 +02:00
Pavlo Khazov
e985a9f628
Added configuration option in yaml config file to specify the path to server content for every domain
2025-08-17 13:40:08 +02:00
Pavlo Khazov
55f43f1f93
Added a check if port is already in use during listener creation.
2025-08-17 11:40:56 +02:00
Pavlo Khazov
7bc6f9e622
Agent parameters during generation are now based on yaml config file. Only things left are modules, working on it now.
2025-08-16 19:39:16 +02:00
Pavlo Khazov
460903bd18
Move some settings out of domain structure to overall optimize configuration
2025-08-16 15:40:40 +02:00
Pavlo Khazov
9dd678f62c
Implementing dynamic https configuration load from config file and removing old transport abstraction.
2025-08-16 13:05:58 +02:00
Pavlo Khazov
e968936f04
Download message string is now also encrypted. Unfortunately, I understand that I will need to refactor all of these, because 4 different functions for sending/receiving messages and data is bad architectural design by default, adds overhead and makes it hard to maintain.
2025-08-15 21:13:56 +02:00
Pavlo Khazov
5db505b90d
Implemented encryption for file upload command. Fixed a few bugs with cookies not being correctly decoded because of wrong buffer creation ( wchar_t cookieValue[valueLength + 1]; ) and fixed a few error codes.
2025-08-15 20:07:11 +02:00
Pavlo Khazov
759e1a107f
I ditched SSL transport as managing two protocols at the same time is tiring. I decided to stick with HTTPS as it is enough for 99% of cases and is more stealthy. Messages are now encrypted and sent in base64, on server side - decoded and decrypted.
2025-08-15 17:21:27 +02:00
Pavlo Khazov
65b787cb8a
Cleaned up https upload logic
2025-08-15 09:24:27 +02:00
Pavlo Khazov
f6f130f6e7
Implemented file uploads in HTTPS communication channel
2025-08-14 21:16:01 +02:00
Pavlo Khazov
2d83259d58
Implemented strings encryption, message length header, remove beacon code, remove some useless flags and code
2025-08-14 17:25:46 +02:00
Pavlo Khazov
b0b2f226e8
Implemented task result reporting based on error codes
2025-08-14 10:53:57 +02:00
Pavlo Khazov
f0538cd3a8
I decided to stick with strings communication for now, as implementing TLV is a bit hard for me now and I do not want to do JSON either (mainly because of a need to use an external library). But I implemented encryption for strings communication.
2025-08-13 20:19:44 +02:00
Pavlo Khazov
174964e5d7
Cleaning up
2025-08-13 17:26:02 +02:00
Pavlo Khazov
2c169e9eea
Cleaning
2025-08-13 17:05:13 +02:00
Pavlo Khazov
ee2af29ef3
Introduced error codes and command codes - first step to move from string communication. Cleaned code a little bit, disabled "files" command as it seems to be useless now. Renamed a few functions to better display their purpose.
2025-08-13 13:12:47 +02:00
Pavlo Khazov
d5816dfdb4
Moved agent source files into src folder. Added output catch via pipe to inject-self command. Fixed "BOOL failed;" being initialized without value, which caused cleanup section to trigger and terminate spawned process. Added startup info to force a hidden window on spawned processes.
2025-08-12 14:50:10 +02:00
Pavlo Khazov
e8f13167b8
Added named pipes to capture output from injected capabilities. Returned inject command for self injection. Split some commands into separate files. Fixed error logging. Cleaned code a little bit.
2025-08-11 19:36:45 +02:00
Pavlo Khazov
6beb460ea8
Finally fixed the problem with "spawn" command. Previously it was spawning processes and injecting code into it, but it looked like nothing happened, and only 1 out of 10 times there was a sign of successful injection (calc popping up or agent checking in). It was because function was going to cleanup label even on success. Now it is fixed.
2025-08-09 19:32:53 +02:00
Pavlo Khazov
6f67c9ba01
Func recv_alloc() was replaced with newly introduced func read_body() which extracts body from HTTP response, and http_recv() func now only gets message from cookie. This brings better readability and adds robustness.
2025-08-08 16:25:28 +02:00
Pavlo Khazov
7050c6f2ca
Cleaned up code a little bit. Stager prototype and listener added. All configuration moved to config.h
2025-08-07 21:11:53 +02:00
Pavlo Khazov
dcae4c8960
Cleaning
2025-08-07 14:25:25 +02:00
Pavlo Khazov
d160b44190
HTTPS communication channel was implemented for agent. Uploading files to server is not yet supported, but will be in the nearest future.
...
Agent and server files have been restructured for convenience. Agent source files have also been split for convenience and readability.
Operator's terminal was enhanced to better display output. Also, some commands were renamed to be more intuitive and some errors have been fixed, which led to terminal's panic. Command parser has also been enhanced to not mismatch commands and handle them strictly. Command 'tasks' now works in both general and agent contexts.
Filepath handling was fixed in 'download', 'upload' and 'spawn' commands. Now filepaths with spaces are handled correctly.
WolfSSL was ditched, as it is not really necessary anymore.
2025-08-05 20:48:22 +02:00
Pavlo Khazov
1a7c30cfbd
Changed operator's command parsing logic to not panic in certain cases. Changed how "show task" command works and replaced with "tasks", which works both in general and agent contexts
2025-08-05 15:03:12 +02:00
Pavlo Khazov
af8d80b1cd
Restructured operator's terminal code and added channel to gracefully close terminal on "exit|quit" command and Ctrl+C
2025-08-03 20:11:41 +02:00
Pavlo Khazov
91ecbc8b4a
Enhanced operator prompt to better display output and history
2025-08-03 18:57:10 +02:00
Pavlo Khazov
e8de1b8e9b
Fixed file path handling in download/upload commands. Removed debugLog() and infoLog(), will see if it will be comfortable for me to work like this. Made server log a bit clearer by removing unnecessary log statements. Removed WolfSSL as it's not needed anymore. Changed logging style in agent. And overall cleaned unused pieces of code in both agent and server.
2025-08-03 15:07:01 +02:00
Pavlo Khazov
b4ce0d21bc
Fixed files downloading bug in stream protocols communication
2025-08-02 15:04:00 +02:00
Pavlo Khazov
8b810e78d7
File downloading works for http agent now
2025-08-02 13:15:38 +02:00
Pavlo Khazov
5827982fa0
Added http communication channel to agent. Fixed minor bug with system info reporting. Thinking to get rid of beacon at all, or repurpose it.
2025-08-01 21:45:55 +02:00
Pavlo Khazov
3373aaed04
Minor things
2025-07-27 17:11:01 +02:00
Pavlo Khazov
92e1ba5723
Implemented optional logging. It only works in debug mode. In production builds - strings are stripped from binary
2025-07-25 17:28:23 +02:00
Pavlo Khazov
c5c2f580a5
Restructured server files to better display contents
2025-07-17 19:09:52 +02:00
Pavlo Khazov
dae3f7e79e
Version 0.5.0
2025-07-13 20:35:09 +02:00
Pavlo Khazov
cb79f61c25
Fixed agent's receive module func signature. Fixed task result message not sent to operator. And added PID to agent's info.
2025-07-13 19:40:11 +02:00
Pavlo Khazov
4dbbb47694
Beacon is now fully integrated into http transport. Enhanced structure of http listener on server. Fixed problems with pid and ppid in injection logic.
2025-07-13 16:35:10 +02:00
Pavlo Khazov
88e433a3d3
File structure change. TaskID fix in task result sending logic. PID is now formatted and sent correctly.
2025-07-12 22:36:15 +02:00
Pavlo Khazov
1853b38920
Fixed server not correctly parsing task result id and beacon not sending task id
2025-07-12 20:45:16 +02:00
John Doe
507c1d1cce
Extended transport interface for a new http function, which takes two buffers now. One static for messages embedded into cookie, second - dynamically allocated buffer for actual http response.
...
Fixed http listener not setting cookie headers for ACK responses.
2025-07-12 19:00:33 +02:00
John Doe
7454624762
Added https listener to beacon. Currently only basic commands work, downloading/uploading files and downloading shellcode do not work.
2025-07-12 15:42:55 +02:00
John Doe
d114d376b8
Restructured folders
2025-07-11 14:06:11 +02:00