DeimosC2
DeimosC2 copied to clipboard
DeimosC2
Error: "undefined" when using options command and others
Environment Data
- DeimosC2 Version: 1.1.0-Beta
- DeimosC2 Build: e126882
- Operating System: Kali 2021.3, fully up to date
Expected Behavior
- change agent delay with "options" command
Actual Behavior
- "receive error "undefined". No errors being thrown on the console running the server. It APPEARS to be a UI issue, not 100% sure.
Steps to Reproduce Behavior
- type "options --help", "options --delay 5", "options delay 5", etc.
- download seems to work when using the file browser, but unable to type it as a console command (isn't in the help menu either, so I was unsure if it was supposed to work in the console)
Misc Information
--Screenshot
This does look like a purely frontend issue since the delay command is not issuing commands to the backend, I suspect it's in the terminal parser and will start digging in there.
@podjackel here is the list of available command for webshell and agents
The list is very limited. Any other command should start with one of the mentioned in the list. shell options --delay 5 should work. If it is another command then it should be added to the files mentioned above. Let me know if there is something I can help with.
To avoid confusion, we can add shell as a default command and if a user typed anything else than the available command, it would be treated as a shell <anything that was typed by user>. What do you guys think about it?
shell should only be used for command execution. The options command should not leverage that.
https://github.com/DeimosC2/DeimosC2/blob/2f368a5b151ea2da9f4fcc3627b1eb7d28b38fe5/frontend/src/plugins/jquery-terminal/agentCommands.js#L33-L41
shell options --delay 5
does not work, just FYI. Only shell and kill commands seem to be parsed properly
Looks like this issue links back to #4 where fixing the shell command to handle pipes broke the formatting for the other commands. When running the shell command the object passed to the agentcommands instance inherited from AgentInterface.vue is formatted as:
{"_":["shell","ifconfig","eth0","|","grep","-v inet"]}
But when executing the options command options --delay 1 --jitter 2 you get this:
{"_":["options","-delay 1","-jitter 2"]}
When this is passed to the agentCommands.options() method it isn't parsed correctly any more. There is a defined list of options the user can set:
const optionsKeys = [
"jitter", // % change of delay
"delay", // in seconds
"eol", // some date-time format
"hours" // live hours like "5:00-19:00"
];
Then the passed object is checked to see if each key exists as an key of the passed object, but since the only key is _ it never matches and the command errors out.
I'm working on reworking the processing flow so that if the command contains a pipe it will be parsed differently from commands without a pipe.
I’m not sure if this is also related, but you can’t send quotes in commands without them getting pre-escaped. I did a shell echo “ to see that it is always doing \” by the time it gets to the agent. This breaks things and I can’t find a way to run any shell command that has quotes in it.
This is a good point and I'll take a look at how we can handle that, since we're sending JSON over the websocket to the server this might need some backend adjustments as well.
Happy New Year! Any update on this? Unfortunately this bug is a real show stopper and really handicaps the tool.
Happy new year to you too! Revisiting this, and I apologize for the delay. I think the most straight forward path is revert commit 6e38949d669fb9344f9fb66758f4a5583dfb4274 and rework the "pipe" issue #3.
I'll get a dev branch with this fix and a test distro and will update when it's ready.
What I thought be a quick revert/rebuild and publish to a test branch has turned into a Vue build nightmare and I'm currently working to track down. There is some kind of error when running npm install to pull the packages from NPM and they are failing to compile. I'll keep troubleshooting.
I'm really sorry for the extended delay. A complete refresh of the front end is my next project to keep these kind of issues to a minimum.
Alright! I was finally able to get the Vue build to complete using a Docker setup I had put together and will publish for helping anyone else that wants to have a good way to do test builds for the frontend.
Commit 65a5105adb10d614ed65e92f07b2280df7f77697 branch addresses two issues:
- Issue #39
- This was caused by an incorrect block scoping of the return variable and was a purely cosmetic issue, but it's been fixed and returns similar output to sending a shell command.
- Issue #3
- The fix originally implemented was overly complex for what was needed. There is now a check if the command contains a pipe character and will pass the raw command to the server and not attempt to use the yargs parser in the front end.
https://github.com/DeimosC2/DeimosC2/releases/tag/1.1.0-beta.1
Is there any way you could build it against a lower version of glibc like the previous releases?
/lib/x86_64-linux-gnu/libc.so.6: version 'GLIBC_2.32' not found
I am still unable to get any commands to work other than "shell" commands. Just getting everything as "undefined". I'm still trying to change the callback interval unsuccessfully. Not sure what the command is supposed to be, but I've tried all of these and they haven't worked: options --delay 5 options -delay 5 options --delay 5s options --help shell options --delay 5
Took me a bit to sort out how to efficiently get Go to build against an older version of GLIBC without needing to spin up a old debian VM, but after that is appears to be working:
Here are some test builds. Decided to not do the pre-release builds to keep the build list clean so I threw them up on Mega since it's too large to attach them here.
Whatever trick you used for GLIBC worked. I only tested the Linux build. After deleting the go.sum and go.mod files, the listeners would properly build the agents with no Internet connectivity - which was another issue I was fighting with. After that, I was able to successfully send both shell commands AND an options command to change the agent's sleep interval!! The only issue I'm having now is that all help messages seem to be broken. If you type "help", it always says "TypeError: "" is not a function
I wanted to give a few more updates / comments. I mentioned it above before, but commands with quotes still do not work. Any quotes are not parsed and passed onto the agent properly. I have a picture running the exact same command on the system using a command prompt and working, then in DeimosC2 not working - as a reference for an example of a command with spaces. This breaks a lot of common commands I run during a red team assessment and is the next biggest "showstopper" I'm seeing at the moment.
Also, it would also be really nice if the actual output of stderr was captured instead of just the windows error messages. This is also shown in the screenshot.
And with the glibc compilation, is it possible to go a few versions back more than you already did? This latest build works on Kali 2021.4a for example, but even the version one back, Kali 2021.3 doesn't work properly..The latest release version 1.1.0-Beta said it was "Compiled Linux version with Debian 8 so GLIBC_2.14" - and that seems to work just about everywhere I've seen.
Thanks for the extra info! Annoying that these errors keep popping up and I should have tested more against a windows agent. I'll do some more checking on it and see if I can get another test build out next week.