fixing an update with MythicRPC Encrypts/Decrypts RPC Calls

MythicAgents · Sep 16, 2024 · d78d9a0 · d78d9a0
1 parent 4157add
commit d78d9a0
Show file tree

Hide file tree

Showing 10 changed files with 37 additions and 19 deletions.
diff --git a/Payload_Type/arachne/.docker/requirements.txt b/Payload_Type/arachne/.docker/requirements.txt
@@ -1,3 +1,3 @@
-mythic-container==0.5.9
+mythic-container==0.5.12
 requests
 bs4
diff --git a/Payload_Type/arachne/arachne/agent_functions/cd.py b/Payload_Type/arachne/arachne/agent_functions/cd.py
@@ -50,7 +50,8 @@ async def create_go_tasking(self,
             AgentCallbackUUID=taskData.Callback.AgentCallbackID,
             Message=message.encode(),
             IncludesUUID=False,
-            IsBase64Encoded=False
+            IsBase64Encoded=False,
+            C2Profile="webshell"
         ))
         if encrypted_resp.Success:
             try:
@@ -66,7 +67,8 @@ async def create_go_tasking(self,
                     AgentCallbackUUID=taskData.Callback.AgentCallbackID,
                     Message=response_data,
                     IncludesUUID=False,
-                    IsBase64Encoded=True
+                    IsBase64Encoded=True,
+                    C2Profile="webshell"
                 ))
                 if decrypted_resp.Success:
                     await SendMythicRPCResponseCreate(MythicRPCResponseCreateMessage(

diff --git a/Payload_Type/arachne/arachne/agent_functions/checkin.py b/Payload_Type/arachne/arachne/agent_functions/checkin.py
@@ -34,7 +34,8 @@ async def create_go_tasking(self, taskData: MythicCommandBase.PTTaskMessageAllDa
             AgentCallbackUUID=taskData.Callback.AgentCallbackID,
             Message=message.encode(),
             IncludesUUID=False,
-            IsBase64Encoded=False
+            IsBase64Encoded=False,
+            C2Profile="webshell"
         ))
         if encrypted_resp.Success:
             try:
@@ -50,7 +51,8 @@ async def create_go_tasking(self, taskData: MythicCommandBase.PTTaskMessageAllDa
                     AgentCallbackUUID=taskData.Callback.AgentCallbackID,
                     Message=response_data,
                     IncludesUUID=False,
-                    IsBase64Encoded=True
+                    IsBase64Encoded=True,
+                    C2Profile="webshell"
                 ))
                 if decrypted_resp.Success:
                     info = decrypted_resp.Message.decode().split('|')

diff --git a/Payload_Type/arachne/arachne/agent_functions/download.py b/Payload_Type/arachne/arachne/agent_functions/download.py
@@ -52,7 +52,8 @@ async def create_go_tasking(self,
             AgentCallbackUUID=taskData.Callback.AgentCallbackID,
             Message=message.encode(),
             IncludesUUID=False,
-            IsBase64Encoded=False
+            IsBase64Encoded=False,
+            C2Profile="webshell"
         ))
         if encrypted_resp.Success:
             try:
@@ -68,7 +69,8 @@ async def create_go_tasking(self,
                     AgentCallbackUUID=taskData.Callback.AgentCallbackID,
                     Message=response_data,
                     IncludesUUID=False,
-                    IsBase64Encoded=True
+                    IsBase64Encoded=True,
+                    C2Profile="webshell"
                 ))
                 if decrypted_resp.Success:
                     file_resp = await SendMythicRPCFileCreate(MythicRPCFileCreateMessage(

diff --git a/Payload_Type/arachne/arachne/agent_functions/execute_assembly.py b/Payload_Type/arachne/arachne/agent_functions/execute_assembly.py
@@ -53,7 +53,8 @@ async def create_go_tasking(self,
             AgentCallbackUUID=taskData.Callback.AgentCallbackID,
             Message=message.encode(),
             IncludesUUID=False,
-            IsBase64Encoded=False
+            IsBase64Encoded=False,
+            C2Profile="webshell"
         ))
         if encrypted_resp.Success:
             try:
@@ -69,7 +70,8 @@ async def create_go_tasking(self,
                     AgentCallbackUUID=taskData.Callback.AgentCallbackID,
                     Message=response_data,
                     IncludesUUID=False,
-                    IsBase64Encoded=True
+                    IsBase64Encoded=True,
+                    C2Profile="webshell"
                 ))
                 if decrypted_resp.Success:
                     await SendMythicRPCResponseCreate(MythicRPCResponseCreateMessage(

diff --git a/Payload_Type/arachne/arachne/agent_functions/ls.py b/Payload_Type/arachne/arachne/agent_functions/ls.py
@@ -47,7 +47,8 @@ async def create_go_tasking(self,
             AgentCallbackUUID=taskData.Callback.AgentCallbackID,
             Message=message.encode(),
             IncludesUUID=False,
-            IsBase64Encoded=False
+            IsBase64Encoded=False,
+            C2Profile="webshell"
         ))
         if encrypted_resp.Success:
             try:
@@ -63,7 +64,8 @@ async def create_go_tasking(self,
                     AgentCallbackUUID=taskData.Callback.AgentCallbackID,
                     Message=response_data,
                     IncludesUUID=False,
-                    IsBase64Encoded=True
+                    IsBase64Encoded=True,
+                    C2Profile="webshell"
                 ))
                 if decrypted_resp.Success:
                     await SendMythicRPCResponseCreate(MythicRPCResponseCreateMessage(

diff --git a/Payload_Type/arachne/arachne/agent_functions/pwd.py b/Payload_Type/arachne/arachne/agent_functions/pwd.py
@@ -35,7 +35,8 @@ async def create_go_tasking(self, taskData: MythicCommandBase.PTTaskMessageAllDa
             AgentCallbackUUID=taskData.Callback.AgentCallbackID,
             Message=message.encode(),
             IncludesUUID=False,
-            IsBase64Encoded=False
+            IsBase64Encoded=False,
+            C2Profile="webshell"
         ))
         if encrypted_resp.Success:
             try:
@@ -52,7 +53,8 @@ async def create_go_tasking(self, taskData: MythicCommandBase.PTTaskMessageAllDa
                     AgentCallbackUUID=taskData.Callback.AgentCallbackID,
                     Message=response_data,
                     IncludesUUID=False,
-                    IsBase64Encoded=True
+                    IsBase64Encoded=True,
+                    C2Profile="webshell"
                 ))
                 logger.info(str(decrypted_resp.Message))
                 if decrypted_resp.Success:

diff --git a/Payload_Type/arachne/arachne/agent_functions/rm.py b/Payload_Type/arachne/arachne/agent_functions/rm.py
@@ -48,7 +48,8 @@ async def create_go_tasking(self,
             AgentCallbackUUID=taskData.Callback.AgentCallbackID,
             Message=message.encode(),
             IncludesUUID=False,
-            IsBase64Encoded=False
+            IsBase64Encoded=False,
+            C2Profile="webshell"
         ))
         if encrypted_resp.Success:
             try:
@@ -64,7 +65,8 @@ async def create_go_tasking(self,
                     AgentCallbackUUID=taskData.Callback.AgentCallbackID,
                     Message=response_data,
                     IncludesUUID=False,
-                    IsBase64Encoded=True
+                    IsBase64Encoded=True,
+                    C2Profile="webshell"
                 ))
                 if decrypted_resp.Success:
                     await SendMythicRPCResponseCreate(MythicRPCResponseCreateMessage(

diff --git a/Payload_Type/arachne/arachne/agent_functions/shell.py b/Payload_Type/arachne/arachne/agent_functions/shell.py
@@ -48,7 +48,8 @@ async def create_go_tasking(self,
             AgentCallbackUUID=taskData.Callback.AgentCallbackID,
             Message=message.encode(),
             IncludesUUID=False,
-            IsBase64Encoded=False
+            IsBase64Encoded=False,
+            C2Profile="webshell"
         ))
         if encrypted_resp.Success:
             try:
@@ -64,7 +65,8 @@ async def create_go_tasking(self,
                     AgentCallbackUUID=taskData.Callback.AgentCallbackID,
                     Message=response_data,
                     IncludesUUID=False,
-                    IsBase64Encoded=True
+                    IsBase64Encoded=True,
+                    C2Profile="webshell"
                 ))
                 if decrypted_resp.Success:
                     await SendMythicRPCResponseCreate(MythicRPCResponseCreateMessage(

diff --git a/Payload_Type/arachne/arachne/agent_functions/upload.py b/Payload_Type/arachne/arachne/agent_functions/upload.py
@@ -50,7 +50,8 @@ async def create_go_tasking(self,
             AgentCallbackUUID=taskData.Callback.AgentCallbackID,
             Message=message.encode(),
             IncludesUUID=False,
-            IsBase64Encoded=False
+            IsBase64Encoded=False,
+            C2Profile="webshell"
         ))
         if encrypted_resp.Success:
             try:
@@ -66,7 +67,8 @@ async def create_go_tasking(self,
                     AgentCallbackUUID=taskData.Callback.AgentCallbackID,
                     Message=response_data,
                     IncludesUUID=False,
-                    IsBase64Encoded=True
+                    IsBase64Encoded=True,
+                    C2Profile="webshell"
                 ))
                 if decrypted_resp.Success:
                     await SendMythicRPCResponseCreate(MythicRPCResponseCreateMessage(