src/server/core/websocket.nim

import times, json, base64, strformat
import stb_image/write as stbiw
import ./logger
import ../../common/[types, utils, event]
export sendHeartbeat, recvEvent

proc `%`*(agent: Agent): JsonNode =
    result = newJObject()
    result["agentId"] = %agent.agentId
    result["listenerId"] = %agent.listenerId
    result["username"] = %agent.username
    result["impersonationToken"] = %agent.impersonationToken
    result["hostname"] = %agent.hostname
    result["domain"] = %agent.domain
    result["ipInternal"] = %agent.ipInternal
    result["ipExternal"] = %agent.ipExternal
    result["os"] = %agent.os
    result["process"] = %agent.process
    result["pid"] = %agent.pid
    result["elevated"] = %agent.elevated
    result["sleep"] = %agent.sleep
    result["jitter"] = %agent.jitter
    result["modules"] = %agent.modules
    result["firstCheckin"] = %agent.firstCheckin
    result["latestCheckin"] = %agent.latestCheckin

proc `%`*(listener: Listener): JsonNode =
    result = newJObject()
    result["listenerId"] = %listener.listenerId
    result["hosts"] = %listener.hosts
    result["address"] = %listener.address
    result["port"] = %listener.port 
    result["protocol"] = %listener.protocol

#[
    Server -> Client
]#
proc sendPublicKey*(client: WsConnection, publicKey: Key) = 
    let event = Event(
        eventType: CLIENT_KEY_EXCHANGE,
        timestamp: now().toTime().toUnix(),
        data: %*{
            "publicKey": encode(Bytes.toString(publicKey))
        }
    )
    if client != nil: 
        client.ws.sendEvent(event, client.sessionKey)

proc sendProfile*(client: WsConnection, profileString: string) = 
    let event = Event(
        eventType: CLIENT_PROFILE,
        timestamp: now().toTime().toUnix(),
        data: %*{
            "profile": profileString
        }
    )
    if client != nil: 
        client.ws.sendEvent(event, client.sessionKey)

proc sendEventlogItem*(client: WsConnection, logType: LogType, message: string) = 
    let event = Event(
        eventType: CLIENT_EVENTLOG_ITEM,
        timestamp: now().toTime().toUnix(),
        data: %*{
            "logType": cast[uint8](logType),
            "message": message
        }
    )

    # Log event
    let timestamp = event.timestamp.fromUnix().local().format("dd-MM-yyyy HH:mm:ss")
    log(fmt"[{timestamp}]{$logType}{message}")

    if client != nil: 
        client.ws.sendEvent(event, client.sessionKey)

proc sendAgent*(client: WsConnection, agent: Agent) = 
    let event = Event(
        eventType: CLIENT_AGENT_ADD, 
        timestamp: now().toTime().toUnix(),
        data: %agent
    )
    if client != nil: 
        client.ws.sendEvent(event, client.sessionKey)

proc sendListener*(client: WsConnection, listener: Listener) =
    let event = Event(
        eventType: CLIENT_LISTENER_ADD,
        timestamp: now().toTime().toUnix(),
        data: %listener
    )
    if client != nil: 
        client.ws.sendEvent(event, client.sessionKey)

proc sendAgentCheckin*(client: WsConnection, agentId: string) = 
    let event = Event(
        eventType: CLIENT_AGENT_CHECKIN,
        timestamp: now().toTime().toUnix(),
        data: %*{
            "agentId": agentId
        }
    )
    if client != nil: 
        client.ws.sendEvent(event, client.sessionKey)

proc sendAgentPayload*(client: WsConnection, bytes: seq[byte]) =
    let event = Event(
        eventType: CLIENT_AGENT_PAYLOAD, 
        timestamp: now().toTime().toUnix(),
        data: %*{
            "payload": encode(bytes)
        }
    )
    
    if client != nil: 
        client.ws.sendEvent(event, client.sessionKey)

proc sendConsoleItem*(client: WsConnection, agentId: string, logType: LogType, message: string) = 
    let event = Event(
        eventType: CLIENT_CONSOLE_ITEM,
        timestamp: now().toTime().toUnix(),
        data: %*{
            "agentId": agentId,
            "logType": cast[uint8](logType),
            "message": message
        }
    )

    # Log agent console item 
    let timestamp = event.timestamp.fromUnix().local().format("dd-MM-yyyy HH:mm:ss")
    if logType != LOG_OUTPUT: 
        log(fmt"[{timestamp}]{$logType}{message}", agentId)
    else: 
        log(message, agentId)

    if client != nil: 
        client.ws.sendEvent(event, client.sessionKey)

proc sendBuildlogItem*(client: WsConnection, logType: LogType, message: string) = 
    let event = Event(
        eventType: CLIENT_BUILDLOG_ITEM,
        timestamp: now().toTime().toUnix(),
        data: %*{
            "logType": cast[uint8](logType),
            "message": message
        }
    )
    if client != nil: 
        client.ws.sendEvent(event, client.sessionKey)

proc sendLoot*(client: WsConnection, loot: LootItem) = 
    let event = Event(
        eventType: CLIENT_LOOT_ADD,
        timestamp: now().toTime().toUnix(),
        data: %loot
    )
    if client != nil: 
        client.ws.sendEvent(event, client.sessionKey)

proc sendLootData*(client: WsConnection, loot: LootItem, data: string) = 
    let event = Event(
        eventType: CLIENT_LOOT_DATA,
        timestamp: now().toTime().toUnix(),
        data: %*{
            "loot": %loot,
            "data": encode(data)
        }
    )
    if client != nil: 
        client.ws.sendEvent(event, client.sessionKey)

proc sendImpersonateToken*(client: WsConnection, agentId: string, username: string) = 
    let event = Event(
        eventType: CLIENT_IMPERSONATE_TOKEN,
        timestamp: now().toTime().toUnix(),
        data: %*{
            "agentId": agentId,
            "username": username
        }
    )
    if client != nil: 
        client.ws.sendEvent(event, client.sessionKey)

proc sendRevertToken*(client: WsConnection, agentId: string) = 
    let event = Event(
        eventType: CLIENT_REVERT_TOKEN,
        timestamp: now().toTime().toUnix(),
        data: %*{
            "agentId": agentId
        }
    )
    if client != nil: 
        client.ws.sendEvent(event, client.sessionKey)
Updated to TOML v1.0.0. 2025-11-21 15:55:41 +01:00			`import times, json, base64, strformat`
Implemented right-click menu to remove or download loot (files/screenshots). 2025-10-09 16:25:05 +02:00			`import stb_image/write as stbiw`
Updated directory structure. 2025-10-03 12:44:28 +02:00			`import ./logger`
			`import ../../common/[types, utils, event]`
Implemented starting and stopping listeners from the ImGui client. 2025-09-27 13:54:12 +02:00			`export sendHeartbeat, recvEvent`
Started porting over functionality to the ImGui client via websocket communication. 2025-09-25 19:22:17 +02:00
Removed unused code. 2025-10-01 15:27:06 +02:00			proc `%`*(agent: Agent): JsonNode =
			`result = newJObject()`
			`result["agentId"] = %agent.agentId`
			`result["listenerId"] = %agent.listenerId`
			`result["username"] = %agent.username`
Impersonated user is displayed in the client UI and persisted in the team server database. 2025-10-17 13:01:12 +02:00			`result["impersonationToken"] = %agent.impersonationToken`
Removed unused code. 2025-10-01 15:27:06 +02:00			`result["hostname"] = %agent.hostname`
			`result["domain"] = %agent.domain`
Added remote address and modules to agent structure. Help command now only shows commands for which the agent has been configured. 2025-10-02 10:25:37 +02:00			`result["ipInternal"] = %agent.ipInternal`
			`result["ipExternal"] = %agent.ipExternal`
Removed unused code. 2025-10-01 15:27:06 +02:00			`result["os"] = %agent.os`
			`result["process"] = %agent.process`
			`result["pid"] = %agent.pid`
			`result["elevated"] = %agent.elevated`
			`result["sleep"] = %agent.sleep`
Implemented jitter. 2025-10-23 11:14:26 +02:00			`result["jitter"] = %agent.jitter`
Added remote address and modules to agent structure. Help command now only shows commands for which the agent has been configured. 2025-10-02 10:25:37 +02:00			`result["modules"] = %agent.modules`
			`result["firstCheckin"] = %agent.firstCheckin`
			`result["latestCheckin"] = %agent.latestCheckin`
Removed unused code. 2025-10-01 15:27:06 +02:00
			proc `%`*(listener: Listener): JsonNode =
			`result = newJObject()`
			`result["listenerId"] = %listener.listenerId`
Implemented callback host system to support HTTP redirectors 2025-10-11 17:10:18 +02:00			`result["hosts"] = %listener.hosts`
Removed unused code. 2025-10-01 15:27:06 +02:00			`result["address"] = %listener.address`
			`result["port"] = %listener.port`
			`result["protocol"] = %listener.protocol`

Started porting over functionality to the ImGui client via websocket communication. 2025-09-25 19:22:17 +02:00			`#[`
			`Server -> Client`
			`]#`
Implemented websocket (client <-> server) traffic encryption & compression. 2025-10-01 21:57:26 +02:00			`proc sendPublicKey*(client: WsConnection, publicKey: Key) =`
			`let event = Event(`
			`eventType: CLIENT_KEY_EXCHANGE,`
			`timestamp: now().toTime().toUnix(),`
			`data: %*{`
			`"publicKey": encode(Bytes.toString(publicKey))`
			`}`
			`)`
			`if client != nil:`
			`client.ws.sendEvent(event, client.sessionKey)`

Updated to TOML v1.0.0. 2025-11-21 15:55:41 +01:00			`proc sendProfile*(client: WsConnection, profileString: string) =`
Started porting over functionality to the ImGui client via websocket communication. 2025-09-25 19:22:17 +02:00			`let event = Event(`
			`eventType: CLIENT_PROFILE,`
			`timestamp: now().toTime().toUnix(),`
			`data: %*{`
Updated to TOML v1.0.0. 2025-11-21 15:55:41 +01:00			`"profile": profileString`
Started porting over functionality to the ImGui client via websocket communication. 2025-09-25 19:22:17 +02:00			`}`
			`)`
Fixed team server crashing when no UI client is connected. 2025-09-26 15:30:14 +02:00			`if client != nil:`
Implemented websocket (client <-> server) traffic encryption & compression. 2025-10-01 21:57:26 +02:00			`client.ws.sendEvent(event, client.sessionKey)`
Started porting over functionality to the ImGui client via websocket communication. 2025-09-25 19:22:17 +02:00
Implemented websocket (client <-> server) traffic encryption & compression. 2025-10-01 21:57:26 +02:00			`proc sendEventlogItem*(client: WsConnection, logType: LogType, message: string) =`
Started porting over functionality to the ImGui client via websocket communication. 2025-09-25 19:22:17 +02:00			`let event = Event(`
			`eventType: CLIENT_EVENTLOG_ITEM,`
			`timestamp: now().toTime().toUnix(),`
			`data: %*{`
			`"logType": cast[uint8](logType),`
			`"message": message`
			`}`
			`)`
Reworked logging system to work with new GUI. 2025-10-02 13:51:04 +02:00
			`# Log event`
			`let timestamp = event.timestamp.fromUnix().local().format("dd-MM-yyyy HH:mm:ss")`
			`log(fmt"[{timestamp}]{$logType}{message}")`

Fixed team server crashing when no UI client is connected. 2025-09-26 15:30:14 +02:00			`if client != nil:`
Implemented websocket (client <-> server) traffic encryption & compression. 2025-10-01 21:57:26 +02:00			`client.ws.sendEvent(event, client.sessionKey)`
Started porting over functionality to the ImGui client via websocket communication. 2025-09-25 19:22:17 +02:00
Implemented websocket (client <-> server) traffic encryption & compression. 2025-10-01 21:57:26 +02:00			`proc sendAgent*(client: WsConnection, agent: Agent) =`
Started porting over functionality to the ImGui client via websocket communication. 2025-09-25 19:22:17 +02:00			`let event = Event(`
			`eventType: CLIENT_AGENT_ADD,`
			`timestamp: now().toTime().toUnix(),`
			`data: %agent`
			`)`
Fixed team server crashing when no UI client is connected. 2025-09-26 15:30:14 +02:00			`if client != nil:`
Implemented websocket (client <-> server) traffic encryption & compression. 2025-10-01 21:57:26 +02:00			`client.ws.sendEvent(event, client.sessionKey)`
Started porting over functionality to the ImGui client via websocket communication. 2025-09-25 19:22:17 +02:00
Implemented websocket (client <-> server) traffic encryption & compression. 2025-10-01 21:57:26 +02:00			`proc sendListener*(client: WsConnection, listener: Listener) =`
Started porting over functionality to the ImGui client via websocket communication. 2025-09-25 19:22:17 +02:00			`let event = Event(`
			`eventType: CLIENT_LISTENER_ADD,`
			`timestamp: now().toTime().toUnix(),`
			`data: %listener`
			`)`
Fixed team server crashing when no UI client is connected. 2025-09-26 15:30:14 +02:00			`if client != nil:`
Implemented websocket (client <-> server) traffic encryption & compression. 2025-10-01 21:57:26 +02:00			`client.ws.sendEvent(event, client.sessionKey)`
Started porting over functionality to the ImGui client via websocket communication. 2025-09-25 19:22:17 +02:00
Implemented websocket (client <-> server) traffic encryption & compression. 2025-10-01 21:57:26 +02:00			`proc sendAgentCheckin*(client: WsConnection, agentId: string) =`
Started porting over functionality to the ImGui client via websocket communication. 2025-09-25 19:22:17 +02:00			`let event = Event(`
			`eventType: CLIENT_AGENT_CHECKIN,`
			`timestamp: now().toTime().toUnix(),`
			`data: %*{`
			`"agentId": agentId`
			`}`
			`)`
Fixed team server crashing when no UI client is connected. 2025-09-26 15:30:14 +02:00			`if client != nil:`
Implemented websocket (client <-> server) traffic encryption & compression. 2025-10-01 21:57:26 +02:00			`client.ws.sendEvent(event, client.sessionKey)`
Started porting over functionality to the ImGui client via websocket communication. 2025-09-25 19:22:17 +02:00
Implemented websocket (client <-> server) traffic encryption & compression. 2025-10-01 21:57:26 +02:00			`proc sendAgentPayload*(client: WsConnection, bytes: seq[byte]) =`
Started porting over functionality to the ImGui client via websocket communication. 2025-09-25 19:22:17 +02:00			`let event = Event(`
			`eventType: CLIENT_AGENT_PAYLOAD,`
			`timestamp: now().toTime().toUnix(),`
			`data: %*{`
			`"payload": encode(bytes)`
			`}`
			`)`
Reworked logging system to work with new GUI. 2025-10-02 13:51:04 +02:00
Fixed team server crashing when no UI client is connected. 2025-09-26 15:30:14 +02:00			`if client != nil:`
Implemented websocket (client <-> server) traffic encryption & compression. 2025-10-01 21:57:26 +02:00			`client.ws.sendEvent(event, client.sessionKey)`
Started porting over functionality to the ImGui client via websocket communication. 2025-09-25 19:22:17 +02:00
Implemented websocket (client <-> server) traffic encryption & compression. 2025-10-01 21:57:26 +02:00			`proc sendConsoleItem*(client: WsConnection, agentId: string, logType: LogType, message: string) =`
Started porting over functionality to the ImGui client via websocket communication. 2025-09-25 19:22:17 +02:00			`let event = Event(`
			`eventType: CLIENT_CONSOLE_ITEM,`
			`timestamp: now().toTime().toUnix(),`
			`data: %*{`
			`"agentId": agentId,`
			`"logType": cast[uint8](logType),`
			`"message": message`
			`}`
			`)`
Reworked logging system to work with new GUI. 2025-10-02 13:51:04 +02:00
			`# Log agent console item`
			`let timestamp = event.timestamp.fromUnix().local().format("dd-MM-yyyy HH:mm:ss")`
			`if logType != LOG_OUTPUT:`
			`log(fmt"[{timestamp}]{$logType}{message}", agentId)`
			`else:`
			`log(message, agentId)`

Fixed team server crashing when no UI client is connected. 2025-09-26 15:30:14 +02:00			`if client != nil:`
Implemented websocket (client <-> server) traffic encryption & compression. 2025-10-01 21:57:26 +02:00			`client.ws.sendEvent(event, client.sessionKey)`
Added build log to client UI. 2025-10-02 12:10:46 +02:00
			`proc sendBuildlogItem*(client: WsConnection, logType: LogType, message: string) =`
			`let event = Event(`
			`eventType: CLIENT_BUILDLOG_ITEM,`
			`timestamp: now().toTime().toUnix(),`
			`data: %*{`
			`"logType": cast[uint8](logType),`
			`"message": message`
			`}`
			`)`
			`if client != nil:`
			`client.ws.sendEvent(event, client.sessionKey)`
Loot (downloads/screenshots) is now sent by the teamserver either on client-connection or when new loot is added. For images, smaller thumbnails are used to reduce size of network packets. 2025-10-09 12:14:38 +02:00
			`proc sendLoot*(client: WsConnection, loot: LootItem) =`
			`let event = Event(`
			`eventType: CLIENT_LOOT_ADD,`
			`timestamp: now().toTime().toUnix(),`
			`data: %loot`
			`)`
			`if client != nil:`
			`client.ws.sendEvent(event, client.sessionKey)`
Implemented right-click menu to remove or download loot (files/screenshots). 2025-10-09 16:25:05 +02:00
Screenshots and downloads are now only retrieved once from the team server when the user selects them in the client for preview, which leads to faster start-up times and less blocking UI. 2025-10-14 22:04:04 +02:00			`proc sendLootData*(client: WsConnection, loot: LootItem, data: string) =`
Implemented right-click menu to remove or download loot (files/screenshots). 2025-10-09 16:25:05 +02:00			`let event = Event(`
Screenshots and downloads are now only retrieved once from the team server when the user selects them in the client for preview, which leads to faster start-up times and less blocking UI. 2025-10-14 22:04:04 +02:00			`eventType: CLIENT_LOOT_DATA,`
Implemented right-click menu to remove or download loot (files/screenshots). 2025-10-09 16:25:05 +02:00			`timestamp: now().toTime().toUnix(),`
			`data: %*{`
Screenshots and downloads are now only retrieved once from the team server when the user selects them in the client for preview, which leads to faster start-up times and less blocking UI. 2025-10-14 22:04:04 +02:00			`"loot": %loot,`
			`"data": encode(data)`
Implemented right-click menu to remove or download loot (files/screenshots). 2025-10-09 16:25:05 +02:00			`}`
			`)`
Impersonated user is displayed in the client UI and persisted in the team server database. 2025-10-17 13:01:12 +02:00			`if client != nil:`
			`client.ws.sendEvent(event, client.sessionKey)`

			`proc sendImpersonateToken*(client: WsConnection, agentId: string, username: string) =`
			`let event = Event(`
			`eventType: CLIENT_IMPERSONATE_TOKEN,`
			`timestamp: now().toTime().toUnix(),`
			`data: %*{`
			`"agentId": agentId,`
			`"username": username`
			`}`
			`)`
			`if client != nil:`
			`client.ws.sendEvent(event, client.sessionKey)`

			`proc sendRevertToken*(client: WsConnection, agentId: string) =`
			`let event = Event(`
			`eventType: CLIENT_REVERT_TOKEN,`
			`timestamp: now().toTime().toUnix(),`
			`data: %*{`
			`"agentId": agentId`
			`}`
			`)`
Implemented right-click menu to remove or download loot (files/screenshots). 2025-10-09 16:25:05 +02:00			`if client != nil:`
			`client.ws.sendEvent(event, client.sessionKey)`