Commit Graph

31 Commits

Author SHA1 Message Date
Jakob Friedl
5ebe5d3598 Implemented the Foliage sleep obfuscation technique. 2025-09-03 23:21:45 +02:00
Jakob Friedl
d0545ffd16 Implemented 'screenshot' command. 2025-09-03 19:38:22 +02:00
Jakob Friedl
b19f8e1236 Implemented Zilean sleep obfuscation technique as an alternative to Ekko. 2025-09-02 21:41:04 +02:00
Jakob Friedl
ae083896b6 Implemented simple download command. 2025-09-01 19:45:39 +02:00
Jakob Friedl
8292a5b1ff Implemented handling of different argument types (int, wstring, short) for BOF files using specific prefixes. 2025-08-30 14:05:09 +02:00
Jakob Friedl
4ceb756cfd Added 'bof' module for executing object files and fixed handling of optional arguments. 2025-08-29 15:58:26 +02:00
Jakob Friedl
a18ad3c2cb Removed Ekko WinAPI implementation to clear up file. 2025-08-27 18:24:44 +02:00
Jakob Friedl
00866b30cd Implemented basic sleep obfuscation via the Ekko technique using WinAPI. Improvement needed! 2025-08-27 00:27:50 +02:00
Jakob Friedl
fbb08afe31 Implemented wrapper functions for logging and console output (info, error, success, ...) 2025-08-21 17:02:50 +02:00
Jakob Friedl
f69adc53a2 Implemented initial version of logging system. Log formatting and content need to be reworked. 2025-08-20 12:55:09 +02:00
Jakob Friedl
b023fca124 Implemented encryption for embedded profile. 2025-08-19 20:03:34 +02:00
Jakob Friedl
84e8730b1e Implemented profile embedding via patching a placeholder in the agent executable. Agent correctly deserializes and parses the profile and listener configuration. 2025-08-18 22:05:23 +02:00
Jakob Friedl
c7980d219d Added profile system to agent communication. Randomized URL endpoints/request methods and dynamic data transformation based on C2 profile. Profile is defined as compile-time string for now. 2025-08-15 15:42:57 +02:00
Jakob Friedl
5a73c0f2f4 Improved working with profiles by adding helper retrieval functions. 2025-08-14 19:33:32 +02:00
Jakob Friedl
714360ef24 Updated profile system, including dynamic parsing of hidden heartbeats and setting of response headers. 2025-08-14 15:53:58 +02:00
Jakob Friedl
e403ac1c07 Refactored utility functions to make them more readable and removed separate register endpoint. 2025-08-14 12:25:06 +02:00
Jakob Friedl
415cd7ebf8 Started implementing profile system. 2025-08-13 19:32:51 +02:00
Jakob Friedl
0e205d34d3 Updated sequence number to uint32 2025-08-06 14:28:54 +02:00
Jakob Friedl
dfcafa9c24 Implemented basic "ps" and "env" commands. 2025-08-01 13:16:12 +02:00
Jakob Friedl
882579b3cb Implemented sequence tracking. 2025-07-26 18:20:54 +02:00
Jakob Friedl
7bf135750c Rework module system. Now modules/commands are defined in a single file each, with both the function executed by the agent and the definition for server-side argument parsing. 2025-07-25 16:41:29 +02:00
Jakob Friedl
3e9178ec34 Reworked key exchange, now using direct C imports from monocypher instead of nimble modules/libraries. 2025-07-24 17:26:48 +02:00
Jakob Friedl
b6c720ccca Implemented ECDH key exchange using ed25519 to share a symmetric AES key without transmitting it over the network. 2025-07-24 15:31:46 +02:00
Jakob Friedl
cf4e4a7017 Updated database to store session key (still unencrypted) 2025-07-23 15:25:19 +02:00
Jakob Friedl
0f065f41a2 Implemented AES256-GCM encryption of all network packets. Requires some more refactoring to remove redundant code and make it cleaner. 2025-07-23 13:47:37 +02:00
Jakob Friedl
36719dd7f0 Changed variable names for clearer structure. 2025-07-22 21:31:18 +02:00
Jakob Friedl
725696ffa5 Implemented Heartbeat/Checkin request with agentId/listenerId in request body to simplify listener URLs 2025-07-22 21:00:39 +02:00
Jakob Friedl
9f15026fd1 Implemented agent registration to match new binary structure instead of json. 2025-07-21 22:07:25 +02:00
Jakob Friedl
99f55cc04f Implemented communication with custom binary structure instead of JSON requests 2025-07-19 16:49:27 +02:00
Jakob Friedl
d22ad0bd0c Agent fetches serialized task data from prologue web server and successfully parses it. 2025-07-18 18:47:57 +02:00
Jakob Friedl
5825ec91a1 Started rewriting JSON task to custom binary structure. Parsed and serialized task object into seq[byte] 2025-07-18 14:24:07 +02:00