From 59ab5936715cc0d4c77ad09c0e86feca9b1583c5 Mon Sep 17 00:00:00 2001 From: its-a-feature Date: Fri, 4 Oct 2024 08:56:05 -0500 Subject: [PATCH] execute_assembly updates --- Payload_Type/apollo/CHANGELOG.MD | 6 ++++++ .../apollo/agent_code/ExecuteAssembly/Program.cs | 13 +++++++++---- .../apollo/apollo/mythic/agent_functions/builder.py | 2 +- agent_capabilities.json | 2 +- 4 files changed, 17 insertions(+), 6 deletions(-) diff --git a/Payload_Type/apollo/CHANGELOG.MD b/Payload_Type/apollo/CHANGELOG.MD index 9e51a8ee..bc0d2479 100644 --- a/Payload_Type/apollo/CHANGELOG.MD +++ b/Payload_Type/apollo/CHANGELOG.MD @@ -4,6 +4,12 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). +## [v2.2.17] - 2024-10-04 + +### Changed + +- updated execute_assembly injected stub to hopefully capture more output successfully + ## [v2.2.16] - 2024-10-03 ### Changed diff --git a/Payload_Type/apollo/apollo/agent_code/ExecuteAssembly/Program.cs b/Payload_Type/apollo/apollo/agent_code/ExecuteAssembly/Program.cs index 81f08fc1..44c286d9 100644 --- a/Payload_Type/apollo/apollo/agent_code/ExecuteAssembly/Program.cs +++ b/Payload_Type/apollo/apollo/agent_code/ExecuteAssembly/Program.cs @@ -64,7 +64,7 @@ public static void Main(string[] args) _senderEvent, _cts.Token.WaitHandle }); - if (!_cts.IsCancellationRequested && _senderQueue.TryDequeue(out byte[] result)) + while (_senderQueue.TryDequeue(out byte[] result)) { pipe.BeginWrite(result, 0, result.Length, OnAsyncMessageSent, pipe); } @@ -101,7 +101,7 @@ public static void Main(string[] args) stderrSw.BufferWritten += OnBufferWrite; Console.SetOut(stdoutSw); - Console.SetError(stdoutSw); + Console.SetError(stderrSw); try { 
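Review bot: In the first Program.cs hunk (`Main`, around line 67), the new `while (_senderQueue.TryDequeue(out byte[] result))` loop calls `pipe.BeginWrite` for every queued buffer without checking the pipe's state, and it no longer checks `_cts.IsCancellationRequested`. If the peer has disconnected or the pipe has been disposed by the time the drain runs, `BeginWrite` throws on this thread, and nothing visible in the hunk handles that; the enclosing wait loop starts and ends outside the hunk, so a handler may exist there. If `pipe` is a `PipeStream`, a guard such as `if (!pipe.IsConnected) break;` as the first statement of the loop body would bound the drain. Dropping the cancellation check also deserves a comment, for example `// drain everything already queued, even after cancellation, so trailing output is not lost`, assuming that is the intent behind the changelog entry.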
@@ -176,8 +176,13 @@ private static void OnBufferWrite(object sender, StringDataEventArgs args) { if (args.Data != null) { - _senderQueue.Enqueue(Encoding.UTF8.GetBytes(args.Data)); - _senderEvent.Set(); + try + { + _senderQueue.Enqueue(Encoding.UTF8.GetBytes(args.Data)); + _senderEvent.Set(); + } + catch { } + } } diff --git a/Payload_Type/apollo/apollo/mythic/agent_functions/builder.py b/Payload_Type/apollo/apollo/mythic/agent_functions/builder.py index 0079fd4d..75430633 100644 --- a/Payload_Type/apollo/apollo/mythic/agent_functions/builder.py +++ b/Payload_Type/apollo/apollo/mythic/agent_functions/builder.py @@ -21,7 +21,7 @@ class Apollo(PayloadType): supported_os = [ SupportedOS.Windows ] - version = "2.2.16" + version = "2.2.17" wrapper = False wrapped_payloads = ["scarecrow_wrapper", "service_wrapper"] note = """ diff --git a/agent_capabilities.json b/agent_capabilities.json index c3213919..1299ea56 100644 --- a/agent_capabilities.json +++ b/agent_capabilities.json @@ -11,6 +11,6 @@ "architectures": ["x86_64"], "c2": ["http", "smb", "tcp", "websocket"], "mythic_version": "3.3.0", - "agent_version": "2.2.15", + "agent_version": "2.2.17", "supported_wrappers": ["service_wrapper", "scarecrow_wrapper"] } \ No newline at end of file
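Review bot: In the third Program.cs hunk (`OnBufferWrite`, around line 179), the bare `catch { }` discards every exception from `Encoding.UTF8.GetBytes`, `_senderQueue.Enqueue` and `_senderEvent.Set()`, so a dropped chunk of output leaves no trace and an unrelated fault is hidden with it. The only failure that looks expected here is `_senderEvent.Set()` on an event already disposed during shutdown; that is inferred, since the teardown code is outside the hunk. Narrow the handler to `catch (ObjectDisposedException) { /* sender already torn down; output can no longer be delivered */ }` and let anything else surface. The hunk also adds a stray blank line before the closing brace of the `if` block.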