Sigma-C2

Author	SHA1	Message	Date
Pavlo Khazov	88e433a3d3	File structure change. TaskID fix in task result sending logic. PID is now formated and sent correctly.	2025-07-12 22:36:15 +02:00
John Doe	925bb8fd92	Added task id logic: now agent reports task result with task id after "TASKRESULT" message part, which helps identify task and operator who issued it. Added size optimization flags to payload generator. Corrected source files list in payload generator. Corrected macros for transport selection.	2025-05-24 14:00:58 +02:00
Pavlo Khazov	2ad1a58c3a	Minor adjustments	2025-04-27 12:19:45 +02:00
Pavlo Khazov	70896bb6c2	Run command was divided into runexe and rundll	2025-04-27 11:48:12 +02:00
Pavlo Khazov	723aa168f6	Added new beacon to repo. Fixed injection logic for new beacon.	2025-04-27 09:53:28 +02:00
Pavlo Khazov	1f01d1bdf0	Refactored sysinfo command and some bug fixed	2025-04-27 08:49:59 +02:00
Pavlo Khazov	14ad90a2b7		2025-04-26 21:11:19 +02:00
Pavlo Khazov	a60dc7b647	Preparing for unity build. Got tired of header files and includes.	2025-04-25 16:21:54 +02:00
Pavlo Khazov	3c63ed08cc	Added missing header files and new compiler flags.	2025-04-23 12:37:25 +02:00
Pavlo Khazov	a81eec18bb	Removed unnecessary WSACleanUp, which prevented agent from reconnection after server went offline and back online. Rewrote some blocks to use sync.Map instead of mutex. Added PID and process name retrieving for "ps" command. Added nice output for "ps" command and it is now handled separately, like sysinfo and keylogger. Devel mode: if message is bigger than 512 chars, console will print only 512 chars. Laying the foundation for new task-result logic in future: Task handler: now generates task id for every task. Task handler: does not delete task after sending to agent, but just marks it as dispatched. Task handler: operator conn and ID retrieval by task id.	2025-04-22 23:54:40 +02:00
Pavlo Khazov	82033c21d5	Agent and BeaconC have new injection capabilities. "inject" - writes shellcode into process, which can be specified by PID. "spawn" - launches new suspended process, writes shellcode and creates thread. PPID can be specified. Shellcode is encrypted on server, decrypted right before writing to memory and cleared right after it. Tiny-AES is used for decryption. Modules are now dynamically loaded from folder and not harcoded.	2025-04-21 15:45:19 +02:00
Pavlo Khazov	64c2187688	Added "ps" command to get list of processes on target.	2025-04-18 21:35:52 +02:00
Pavlo Khazov	bcca9af323	Little enchancement for proxy server and some performance testing.	2025-04-15 22:16:39 +02:00
Pavlo Khazov	41b637459b	Added prototype of socks5 proxy on agent. Command "proxy start" starts listening on server:30900 and tunnels through target system, where agent runs. Current implementation support only 1 connection. Multiplexing to be added. Custom ports to be added. Now all print statements are showed only with --devel flag.	2025-04-15 10:42:21 +02:00
Pavlo Khazov	b3e9ce2b42	Implemented file uploading to target machine with command "upload" Added local system navigation in operator's terminal + tab completion for "upload" command	2025-04-09 16:19:51 +02:00
Pavlo Khazov	2150ee16c8	Added cd, ls, pwd, dir commands.	2025-04-08 21:35:55 +02:00
Pavlo Khazov	87e54675f3	Added task reporting after modules execution. Got rid of unnecessary static and const statements. I think nobody is going ever to read this code. Minor adjustments for readability and logging.	2025-04-08 14:42:11 +02:00
Pavlo Khazov	a3e0674a1f	Refactored file/folder downloading logic	2025-04-08 12:32:46 +02:00
Pavlo Khazov	8044155a39	Moved all command-related stuff to separate file commands.c/h	2025-04-07 14:00:24 +02:00
Pavlo Khazov	3f60761836	Added full support for TCP communication. Agent now can be generated with TCP transport by selecting TCP listener during generation. Such executable will not include any SSL code and libraries. Size of agent.exe with TCP transport is ~270kb, agent.exe with SSL transport is ~800kb	2025-04-06 20:48:05 +02:00

20 Commits