diff --git a/Payload_Type/poseidon/.docker/Dockerfile b/Payload_Type/poseidon/.docker/Dockerfile index ffce0ca..6023604 100644 --- a/Payload_Type/poseidon/.docker/Dockerfile +++ b/Payload_Type/poseidon/.docker/Dockerfile @@ -6,4 +6,6 @@ COPY [".", "."] RUN make build +RUN apt-get install g++-x86-64-linux-gnu libc6-dev-amd64-cross -y + CMD make run \ No newline at end of file diff --git a/Payload_Type/poseidon/Dockerfile b/Payload_Type/poseidon/Dockerfile index ffce0ca..6023604 100644 --- a/Payload_Type/poseidon/Dockerfile +++ b/Payload_Type/poseidon/Dockerfile @@ -6,4 +6,6 @@ COPY [".", "."] RUN make build +RUN apt-get install g++-x86-64-linux-gnu libc6-dev-amd64-cross -y + CMD make run \ No newline at end of file diff --git a/Payload_Type/poseidon/poseidon/agent_code/jsimport_call/jxa_wrapper_darwin.m b/Payload_Type/poseidon/poseidon/agent_code/jsimport_call/jxa_wrapper_darwin.m index 41a5bb9..6f0e25c 100644 --- a/Payload_Type/poseidon/poseidon/agent_code/jsimport_call/jxa_wrapper_darwin.m +++ b/Payload_Type/poseidon/poseidon/agent_code/jsimport_call/jxa_wrapper_darwin.m @@ -16,7 +16,7 @@ NSString *result = runError[@"OSAScriptErrorMessageKey"]; return [result UTF8String]; } - NSString* fmtString = [NSString stringWithFormat:@"%@", res]; + NSString* fmtString = [NSString stringWithFormat:@"%@", res.stringValue]; char* output = [fmtString UTF8String]; return output; } @catch (NSException *exception) { diff --git a/Payload_Type/poseidon/poseidon/agent_code/jxa/jxa_wrapper_darwin.m b/Payload_Type/poseidon/poseidon/agent_code/jxa/jxa_wrapper_darwin.m index ff9fd21..e019970 100644 --- a/Payload_Type/poseidon/poseidon/agent_code/jxa/jxa_wrapper_darwin.m +++ b/Payload_Type/poseidon/poseidon/agent_code/jxa/jxa_wrapper_darwin.m 
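Review bot: The added `RUN apt-get install g++-x86-64-linux-gnu libc6-dev-amd64-cross -y` in Payload_Type/poseidon/.docker/Dockerfile has no `apt-get update` in the same layer, so it depends on whatever package index the base image shipped (the `FROM` line is outside the hunk). A missing or stale index either fails the build or resolves outdated toolchain packages. Because the line sits after `COPY [".", "."]`, the toolchain layer is also rebuilt on every source change. Suggest `RUN apt-get update && apt-get install -y --no-install-recommends g++-x86-64-linux-gnu libc6-dev-amd64-cross && rm -rf /var/lib/apt/lists/*`, placed before the `COPY`. The identical hunk in Payload_Type/poseidon/Dockerfile needs the same change.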
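Review bot: In jsimport_call/jxa_wrapper_darwin.m, `res.stringValue` can be nil, and `stringWithFormat:@"%@"` then returns the literal text `(null)` to the caller. This assumes `res` is an NSAppleEventDescriptor (its declaration is outside the hunk), whose `stringValue` is nil when the result cannot be coerced to text. Falling back to the descriptor keeps the previous output for those results: `NSString *fmtString = res.stringValue ?: [NSString stringWithFormat:@"%@", res];`. The unchanged `char* output = [fmtString UTF8String]; return output;` also hands back a `const char *` whose storage belongs to `fmtString`, so the ownership contract with the caller deserves a comment or a `strdup` that the caller frees. The same points apply to the matching hunk in jxa/jxa_wrapper_darwin.m; the function starts and ends outside both hunks.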
@@ -16,7 +16,7 @@ NSString *result = runError[@"OSAScriptErrorMessageKey"]; return [result UTF8String]; } - NSString* fmtString = [NSString stringWithFormat:@"%@", res]; + NSString* fmtString = [NSString stringWithFormat:@"%@", res.stringValue]; char* output = [fmtString UTF8String]; return output; } @catch (NSException *exception) { diff --git a/Payload_Type/poseidon/poseidon/agentfunctions/builder.go b/Payload_Type/poseidon/poseidon/agentfunctions/builder.go index b329a4d..c99a450 100644 --- a/Payload_Type/poseidon/poseidon/agentfunctions/builder.go +++ b/Payload_Type/poseidon/poseidon/agentfunctions/builder.go @@ -21,7 +21,7 @@ import ( "time" ) -const version = "2.1.3" +const version = "2.1.4" type sleepInfoStruct struct { Interval int `json:"interval"` @@ -444,6 +444,8 @@ func build(payloadBuildMsg agentstructs.PayloadBuildMessage) agentstructs.Payloa } else { if goarch == "arm64" { command += "CC=aarch64-linux-gnu-gcc " + } else { + command += "CC=x86_64-linux-gnu-gcc" } } command += "GOGARBLE=* " @@ -650,6 +652,6 @@ func onNewCallback(data agentstructs.PTOnNewCallbackAllData) agentstructs.PTOnNe func Initialize() { agentstructs.AllPayloadData.Get("poseidon").AddPayloadDefinition(payloadDefinition) agentstructs.AllPayloadData.Get("poseidon").AddBuildFunction(build) - agentstructs.AllPayloadData.Get("poseidon").AddOnNewCallbackFunction(onNewCallback) + //agentstructs.AllPayloadData.Get("poseidon").AddOnNewCallbackFunction(onNewCallback) agentstructs.AllPayloadData.Get("poseidon").AddIcon(filepath.Join(".", "poseidon", "agentfunctions", "poseidon.svg")) } diff --git a/Payload_Type/poseidon/poseidon/agentfunctions/jsimport_call.go b/Payload_Type/poseidon/poseidon/agentfunctions/jsimport_call.go index b6a9073..d2c3b65 100644 --- a/Payload_Type/poseidon/poseidon/agentfunctions/jsimport_call.go +++ b/Payload_Type/poseidon/poseidon/agentfunctions/jsimport_call.go 
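Review bot: The new `else` branch in builder.go `build` appends `"CC=x86_64-linux-gnu-gcc"` without the trailing space that the arm64 branch has in `"CC=aarch64-linux-gnu-gcc "`. As shown, the next `command += "GOGARBLE=* "` fuses with it into `CC=x86_64-linux-gnu-gccGOGARBLE=*`, so the compiler name is wrong and GOGARBLE is never set as its own variable. Change the line to `command += "CC=x86_64-linux-gnu-gcc "`. The branch also fires for every goarch other than `arm64`; `build` continues outside the hunk, so whether only amd64 can reach it is not visible here.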
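Review bot: In builder.go `Initialize`, the `AddOnNewCallbackFunction(onNewCallback)` registration is disabled by commenting it out, with no reason recorded. `onNewCallback` itself, named in the hunk header, presumably stays in the file as unregistered code. Either delete the line together with the function, or keep it with a comment such as `// disabled in 2.1.4: <reason>; re-enable when <condition>`, so a maintainer can tell whether new-callback handling is meant to be off.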
@@ -64,10 +64,12 @@ func init() {
 response.Error = err.Error()
 return response
 } else if search, err := mythicrpc.SendMythicRPCFileSearch(mythicrpc.MythicRPCFileSearchMessage{
- Filename: filename,
- LimitByCallback: true,
- CallbackID: taskData.Callback.ID,
- MaxResults: 1,
+ Filename: filename,
+ LimitByCallback: true,
+ CallbackID: taskData.Callback.ID,
+ MaxResults: 1,
+ IsPayload: false,
+ IsDownloadFromAgent: false,
 }); err != nil {
 response.Success = false
 response.Error = "Error trying to search for files: " + err.Error()
diff --git a/Payload_Type/poseidon/poseidon/browserscripts/screencapture_new.js b/Payload_Type/poseidon/poseidon/browserscripts/screencapture_new.js
index 4640358..ee7dff8 100644
--- a/Payload_Type/poseidon/poseidon/browserscripts/screencapture_new.js
+++ b/Payload_Type/poseidon/poseidon/browserscripts/screencapture_new.js
@@ -22,13 +22,9 @@ function(task, responses){
 if(errors.length > 0){
 responseData["plaintext"] = "Errors downloading:\n" + JSON.stringify(errors, null, 2);
 }else if(screenshots.length > 0){
- responseData["screenshot"] = [
- {
- "agent_file_id": screenshots,
- "variant": "contained",
- "name": "View Screenshots"
- }
- ]
+ responseData["media"] = screenshots.map( s => {
+ return {agent_file_id: s, filename: "monitor.png"}
+ })
 }
 return responseData;
 }else{
diff --git a/Payload_Type/poseidon/poseidon/browserscripts/sshauth_new.js b/Payload_Type/poseidon/poseidon/browserscripts/sshauth_new.js
index 7f6ec07..e182009 100644
--- a/Payload_Type/poseidon/poseidon/browserscripts/sshauth_new.js
+++ b/Payload_Type/poseidon/poseidon/browserscripts/sshauth_new.js
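Review bot: The two added filters in jsimport_call.go, `IsPayload: false` and `IsDownloadFromAgent: false`, carry no comment saying why they are there. If those fields are plain `bool` (the struct is defined outside this diff), they equal the zero value and do not change the request. The file found here is presumably what the task goes on to import as a script, so the intent is worth recording above the call, e.g. `// only operator-uploaded files may be imported; never payloads or files downloaded from an agent`. If the exclusion is meant to be enforced, confirm how the RPC treats an explicit `false` versus an unset field. The `init` body continues outside the hunk.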
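Review bot: Every entry built by the new `screenshots.map(...)` in screencapture_new.js gets the same `filename: "monitor.png"`, so with more than one capture the entries cannot be told apart by name. Using the map index keeps them distinct: `screenshots.map((s, i) => ({agent_file_id: s, filename: "monitor_" + (i + 1) + ".png"}))`. The enclosing function starts and ends outside the hunk.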
@@ -16,11 +16,11 @@ function(task, response){
 let rows = [];
 for(let j = 0; j < data.length; j++) {
 rows.push({
- "host": {"plaintext": data[j]["host"]},
- "username": {"plaintext": data[j]["username"]},
+ "host": {"plaintext": data[j]["host"], "copyIcon": true},
+ "username": {"plaintext": data[j]["username"], "copyIcon": true},
 "secret": {"plaintext": data[j]["secret"]},
 "status": {"plaintext": data[j]["status"]},
- "output": {"plaintext": data[j]["output"]},
+ "output": {"plaintext": data[j]["output"], "copyIcon": true},
 "copy_status": {"plaintext": data[j]["copy_status"]},
 "rowStyle": {backgroundColor: data[j]["success"] ? "green" : ""},
 });