updating build for x64 on arm64 and a few browser scripts

MythicAgents · Sep 4, 2024 · 06d8e4d · 06d8e4d
1 parent c5feb2f
commit 06d8e4d
Show file tree

Hide file tree

Showing 8 changed files with 22 additions and 18 deletions.
diff --git a/Payload_Type/poseidon/.docker/Dockerfile b/Payload_Type/poseidon/.docker/Dockerfile
@@ -6,4 +6,6 @@ COPY [".", "."]
 
 RUN make build
 
+RUN apt-get install g++-x86-64-linux-gnu libc6-dev-amd64-cross -y
+
 CMD make run
diff --git a/Payload_Type/poseidon/Dockerfile b/Payload_Type/poseidon/Dockerfile
@@ -6,4 +6,6 @@ COPY [".", "."]
 
 RUN make build
 
+RUN apt-get install g++-x86-64-linux-gnu libc6-dev-amd64-cross -y
+
 CMD make run
diff --git a/Payload_Type/poseidon/poseidon/agent_code/jsimport_call/jxa_wrapper_darwin.m b/Payload_Type/poseidon/poseidon/agent_code/jsimport_call/jxa_wrapper_darwin.m
@@ -16,7 +16,7 @@
                 NSString *result = runError[@"OSAScriptErrorMessageKey"];
                 return [result UTF8String];
             }
-            NSString* fmtString = [NSString stringWithFormat:@"%@", res];
+            NSString* fmtString = [NSString stringWithFormat:@"%@", res.stringValue];
             char* output = [fmtString UTF8String];
             return output;
     } @catch (NSException *exception) {

diff --git a/Payload_Type/poseidon/poseidon/agent_code/jxa/jxa_wrapper_darwin.m b/Payload_Type/poseidon/poseidon/agent_code/jxa/jxa_wrapper_darwin.m
@@ -16,7 +16,7 @@
                 NSString *result = runError[@"OSAScriptErrorMessageKey"];
                 return [result UTF8String];
             }
-            NSString* fmtString = [NSString stringWithFormat:@"%@", res];
+            NSString* fmtString = [NSString stringWithFormat:@"%@", res.stringValue];
             char* output = [fmtString UTF8String];
             return output;
     } @catch (NSException *exception) {

diff --git a/Payload_Type/poseidon/poseidon/agentfunctions/builder.go b/Payload_Type/poseidon/poseidon/agentfunctions/builder.go
@@ -21,7 +21,7 @@ import (
 	"time"
 )
 
-const version = "2.1.3"
+const version = "2.1.4"
 
 type sleepInfoStruct struct {
 	Interval int       `json:"interval"`
@@ -444,6 +444,8 @@ func build(payloadBuildMsg agentstructs.PayloadBuildMessage) agentstructs.Payloa
 	} else {
 		if goarch == "arm64" {
 			command += "CC=aarch64-linux-gnu-gcc "
+		} else {
+			command += "CC=x86_64-linux-gnu-gcc"
 		}
 	}
 	command += "GOGARBLE=* "
@@ -650,6 +652,6 @@ func onNewCallback(data agentstructs.PTOnNewCallbackAllData) agentstructs.PTOnNe
 func Initialize() {
 	agentstructs.AllPayloadData.Get("poseidon").AddPayloadDefinition(payloadDefinition)
 	agentstructs.AllPayloadData.Get("poseidon").AddBuildFunction(build)
-	agentstructs.AllPayloadData.Get("poseidon").AddOnNewCallbackFunction(onNewCallback)
+	//agentstructs.AllPayloadData.Get("poseidon").AddOnNewCallbackFunction(onNewCallback)
 	agentstructs.AllPayloadData.Get("poseidon").AddIcon(filepath.Join(".", "poseidon", "agentfunctions", "poseidon.svg"))
 }
diff --git a/Payload_Type/poseidon/poseidon/agentfunctions/jsimport_call.go b/Payload_Type/poseidon/poseidon/agentfunctions/jsimport_call.go
@@ -64,10 +64,12 @@ func init() {
 				response.Error = err.Error()
 				return response
 			} else if search, err := mythicrpc.SendMythicRPCFileSearch(mythicrpc.MythicRPCFileSearchMessage{
-				Filename:        filename,
-				LimitByCallback: true,
-				CallbackID:      taskData.Callback.ID,
-				MaxResults:      1,
+				Filename:            filename,
+				LimitByCallback:     true,
+				CallbackID:          taskData.Callback.ID,
+				MaxResults:          1,
+				IsPayload:           false,
+				IsDownloadFromAgent: false,
 			}); err != nil {
 				response.Success = false
 				response.Error = "Error trying to search for files: " + err.Error()

diff --git a/Payload_Type/poseidon/poseidon/browserscripts/screencapture_new.js b/Payload_Type/poseidon/poseidon/browserscripts/screencapture_new.js
@@ -22,13 +22,9 @@ function(task, responses){
         	if(errors.length > 0){
         		responseData["plaintext"] = "Errors downloading:\n" + JSON.stringify(errors, null, 2);
 			}else if(screenshots.length > 0){
-        		responseData["screenshot"] = [
-					{
-						"agent_file_id": screenshots,
-						"variant": "contained",
-						"name": "View Screenshots"
-					}
-				]
+				responseData["media"] = screenshots.map( s => {
+					return {agent_file_id: s, filename: "monitor.png"}
+				})
 			}
         	return responseData;
         }else{

diff --git a/Payload_Type/poseidon/poseidon/browserscripts/sshauth_new.js b/Payload_Type/poseidon/poseidon/browserscripts/sshauth_new.js
@@ -16,11 +16,11 @@ function(task, response){
 		let rows = [];
 		for(let j = 0; j < data.length; j++) {
 			rows.push({
-				"host": {"plaintext": data[j]["host"]},
-				"username": {"plaintext": data[j]["username"]},
+				"host": {"plaintext": data[j]["host"], "copyIcon": true},
+				"username": {"plaintext": data[j]["username"], "copyIcon": true},
 				"secret": {"plaintext": data[j]["secret"]},
 				"status": {"plaintext": data[j]["status"]},
-				"output": {"plaintext": data[j]["output"]},
+				"output": {"plaintext": data[j]["output"], "copyIcon": true},
 				"copy_status": {"plaintext": data[j]["copy_status"]},
 				"rowStyle": {backgroundColor: data[j]["success"] ? "green" : ""},
 			});
Original file line number	Diff line number	Diff line change
Expand Up		@@ -6,4 +6,6 @@ COPY [".", "."]

		RUN make build

		RUN apt-get install g++-x86-64-linux-gnu libc6-dev-amd64-cross -y

		CMD make run