v3.2.20-rc10

fixing a few errors in MythicRPC calls when fetching data from database

CHANGELOG.MD

@@ -4,6 +4,12 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [3.2.20-rc10] - 2024-04-10
+
+### Changed
+
+- Fixed a few of the SendMythicRPC* calls to fetch all the same data as normal agent processing
+
 ## [3.2.20-rc9] - 2024-04-08
 
 ### Changed

VERSION

@@ -1 +1 @@
-3.2.20-rc9
+3.2.20-rc10

mythic-docker/src/go.mod

@@ -4,8 +4,6 @@ go 1.19
 
 require (
 	github.com/gin-gonic/gin v1.9.1
-	github.com/go-logr/logr v1.4.1
-	github.com/go-logr/zerologr v1.2.3
 	github.com/golang-jwt/jwt v3.2.2+incompatible
 	github.com/google/uuid v1.6.0
 	github.com/jmoiron/sqlx v1.3.5

mythic-docker/src/go.sum

@@ -24,10 +24,6 @@ github.com/gin-gonic/gin v1.9.1 h1:4idEAncQnU5cB7BeOkPtxjfCSye0AAm1R0RVIqJ+Jmg=
 github.com/gin-gonic/gin v1.9.1/go.mod h1:hPrL7YrpYKXt5YId3A/Tnip5kqbEAP+KLuI3SUcPTeU=
 github.com/go-gorp/gorp/v3 v3.1.0 h1:ItKF/Vbuj31dmV4jxA1qblpSwkl9g1typ24xoe70IGs=
 github.com/go-gorp/gorp/v3 v3.1.0/go.mod h1:dLEjIyyRNiXvNZ8PSmzpt1GsWAUK8kjVhEpjH8TixEw=
-github.com/go-logr/logr v1.4.1 h1:pKouT5E8xu9zeFC39JXRDukb6JFQPXM5p5I91188VAQ=
-github.com/go-logr/logr v1.4.1/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY=
-github.com/go-logr/zerologr v1.2.3 h1:up5N9vcH9Xck3jJkXzgyOxozT14R47IyDODz8LM1KSs=
-github.com/go-logr/zerologr v1.2.3/go.mod h1:BxwGo7y5zgSHYR1BjbnHPyF/5ZjVKfKxAZANVu6E8Ho=
 github.com/go-playground/assert/v2 v2.2.0 h1:JvknZsQTYeFEAhQwI4qEt9cyV5ONwRHC+lYKSsYSR8s=
 github.com/go-playground/locales v0.14.1 h1:EWaQ/wswjilfKLTECiXz7Rh+3BjFhfDFKv/oXslEjJA=
 github.com/go-playground/locales v0.14.1/go.mod h1:hxrqLVvrK65+Rwrd5Fc6F2O76J/NuW9t0sjnWqG1slY=
@@ -138,8 +134,6 @@ golang.org/x/arch v0.7.0 h1:pskyeJh/3AmoQ8CPE95vxHLqp1G1GfGNXTmcl9NEKTc=
 golang.org/x/arch v0.7.0/go.mod h1:FEVrYAQjsQXMVJ1nsMoVVXPZg6p2JE2mx8psSWTDQys=
 golang.org/x/crypto v0.21.0 h1:X31++rzVUdKhX5sWmSOFZxx8UW/ldWx55cbf08iNAMA=
 golang.org/x/crypto v0.21.0/go.mod h1:0BP7YvVV9gBbVKyeTG0Gyn+gZm94bibOW5BjDEYAOMs=
-golang.org/x/exp v0.0.0-20240314144324-c7f7c6466f7f h1:3CW0unweImhOzd5FmYuRsD4Y4oQFKZIjAnKbjV4WIrw=
-golang.org/x/exp v0.0.0-20240314144324-c7f7c6466f7f/go.mod h1:CxmFvTBINI24O/j8iY7H1xHzx2i4OsyguNBmN/uPtqc=
 golang.org/x/exp v0.0.0-20240318143956-a85f2c67cd81 h1:6R2FC06FonbXQ8pK11/PDFY6N6LWlf9KlzibaCapmqc=
 golang.org/x/exp v0.0.0-20240318143956-a85f2c67cd81/go.mod h1:CQ1k9gNrJ50XIzaKCRR2hssIjF07kZFEiieALBM/ARQ=
 golang.org/x/mod v0.16.0 h1:QX4fJ0Rr5cPQCF7O9lh9Se4pmwfwskqZfq5moyldzic=
@@ -154,8 +148,6 @@ golang.org/x/sys v0.18.0 h1:DBdB3niSjOA/O0blCZBqDefyWNYveAYMNF1Wum0DYQ4=
 golang.org/x/sys v0.18.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ=
 golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
-google.golang.org/genproto/googleapis/rpc v0.0.0-20240311173647-c811ad7063a7 h1:8EeVk1VKMD+GD/neyEHGmz7pFblqPjHoi+PGQIlLx2s=
-google.golang.org/genproto/googleapis/rpc v0.0.0-20240311173647-c811ad7063a7/go.mod h1:WtryC6hu0hhx87FDGxWCDptyssuo68sk10vYjF+T9fY=
 google.golang.org/genproto/googleapis/rpc v0.0.0-20240318140521-94a12d6c2237 h1:NnYq6UN9ReLM9/Y01KWNOWyI5xQ9kbIms5GGJVwS/Yc=
 google.golang.org/genproto/googleapis/rpc v0.0.0-20240318140521-94a12d6c2237/go.mod h1:WtryC6hu0hhx87FDGxWCDptyssuo68sk10vYjF+T9fY=
 google.golang.org/grpc v1.62.1 h1:B4n+nfKzOICUXMgyrNd19h/I9oH0L1pizfk1d4zSgTk=

mythic-docker/src/rabbitmq/recv_mythic_rpc_callbacktoken_create.go

@@ -41,11 +41,17 @@ func MythicRPCCallbackTokenCreate(input MythicRPCCallbackTokenCreateMessage) Myt
 	}
 	task := databaseStructs.Task{}
 	if err := database.DB.Get(&task, `SELECT
-	callback.operation_id "callback.operation_id",
-	callback.host "callback.host"
-	FROM task
-	JOIN callback ON task.callback_id = callback.id
-	WHERE task.id = $1`, input.TaskID); err != nil {
+		task.id, task.status, task.completed, task.status_timestamp_processed, task.operator_id, task.operation_id,
+		callback.host "callback.host",
+		callback.user "callback.user",
+		callback.id "callback.id",
+		callback.display_id "callback.display_id",
+		payload.payload_type_id "callback.payload.payload_type_id",
+		payload.os "callback.payload.os"
+		FROM task
+		JOIN callback ON task.callback_id = callback.id
+		JOIN payload ON callback.registered_payload_id = payload.id
+		WHERE task.id = $1`, input.TaskID); err != nil {
 		logging.LogError(err, "Failed to fetch task")
 		response.Error = err.Error()
 		return response

mythic-docker/src/rabbitmq/recv_mythic_rpc_callbacktoken_remove.go

@@ -41,11 +41,17 @@ func MythicRPCCallbackTokenRemove(input MythicRPCCallbackTokenRemoveMessage) Myt
 		input.CallbackTokens[i].Action = "remove"
 	}
 	if err := database.DB.Get(&task, `SELECT
-	callback.operation_id "callback.operation_id",
-	callback.host "callback.host"
-	FROM task
-	JOIN callback ON task.callback_id = callback.id
-	WHERE task.id = $1`, input.TaskID); err != nil {
+		task.id, task.status, task.completed, task.status_timestamp_processed, task.operator_id, task.operation_id,
+		callback.host "callback.host",
+		callback.user "callback.user",
+		callback.id "callback.id",
+		callback.display_id "callback.display_id",
+		payload.payload_type_id "callback.payload.payload_type_id",
+		payload.os "callback.payload.os"
+		FROM task
+		JOIN callback ON task.callback_id = callback.id
+		JOIN payload ON callback.registered_payload_id = payload.id
+		WHERE task.id = $1`, input.TaskID); err != nil {
 		logging.LogError(err, "Failed to fetch task")
 		response.Error = err.Error()
 		return response

mythic-docker/src/rabbitmq/recv_mythic_rpc_credential_create.go

@@ -38,13 +38,17 @@ func MythicRPCCredentialCreate(input MythicRPCCredentialCreateMessage) MythicRPC
 	}
 	task := databaseStructs.Task{}
 	if err := database.DB.Get(&task, `SELECT
-	task.operation_id,
-	task.operator_id,
-	task.id,
-	callback.host "callback.host"
-	FROM task
-	JOIN callback ON task.callback_id = callback.id
-	WHERE task.id = $1`, input.TaskID); err != nil {
+		task.id, task.status, task.completed, task.status_timestamp_processed, task.operator_id, task.operation_id,
+		callback.host "callback.host",
+		callback.user "callback.user",
+		callback.id "callback.id",
+		callback.display_id "callback.display_id",
+		payload.payload_type_id "callback.payload.payload_type_id",
+		payload.os "callback.payload.os"
+		FROM task
+		JOIN callback ON task.callback_id = callback.id
+		JOIN payload ON callback.registered_payload_id = payload.id
+		WHERE task.id = $1`, input.TaskID); err != nil {
 		logging.LogError(err, "Failed to fetch task")
 		response.Error = err.Error()
 		return response

mythic-docker/src/rabbitmq/recv_mythic_rpc_filebrowser_create.go

@@ -34,16 +34,22 @@ func MythicRPCFileBrowserCreate(input MythicRPCFileBrowserCreateMessage) MythicR
 	}
 	task := databaseStructs.Task{}
 	if err := database.DB.Get(&task, `SELECT
-	callback.operation_id "callback.operation_id",
-	callback.host "callback.host"
-	FROM task
-	JOIN callback ON task.callback_id = callback.id
-	WHERE task.id = $1`, input.TaskID); err != nil {
+		task.id, task.status, task.completed, task.status_timestamp_processed, task.operator_id, task.operation_id,
+		callback.host "callback.host",
+		callback.user "callback.user",
+		callback.id "callback.id",
+		callback.display_id "callback.display_id",
+		payload.payload_type_id "callback.payload.payload_type_id",
+		payload.os "callback.payload.os"
+		FROM task
+		JOIN callback ON task.callback_id = callback.id
+		JOIN payload ON callback.registered_payload_id = payload.id
+		WHERE task.id = $1`, input.TaskID); err != nil {
 		logging.LogError(err, "Failed to fetch task")
 		response.Error = err.Error()
 		return response
 	} else if err := handleAgentMessagePostResponseFileBrowser(task, &input.FileBrowser); err != nil {
-		logging.LogError(err, "Failed to create processes in MythicRPCProcessCreate")
+		logging.LogError(err, "Failed to create processes in MythicRPCFileBrowserCreate")
 		response.Error = err.Error()
 		return response
 	} else {

mythic-docker/src/rabbitmq/recv_mythic_rpc_filebrowser_remove.go

@@ -34,11 +34,17 @@ func MythicRPCFileBrowserRemove(input MythicRPCFileBrowserRemoveMessage) MythicR
 	}
 	task := databaseStructs.Task{}
 	if err := database.DB.Get(&task, `SELECT
-	callback.operation_id "callback.operation_id",
-	callback.host "callback.host"
-	FROM task
-	JOIN callback ON task.callback_id = callback.id
-	WHERE task.id = $1`, input.TaskID); err != nil {
+		task.id, task.status, task.completed, task.status_timestamp_processed, task.operator_id, task.operation_id,
+		callback.host "callback.host",
+		callback.user "callback.user",
+		callback.id "callback.id",
+		callback.display_id "callback.display_id",
+		payload.payload_type_id "callback.payload.payload_type_id",
+		payload.os "callback.payload.os"
+		FROM task
+		JOIN callback ON task.callback_id = callback.id
+		JOIN payload ON callback.registered_payload_id = payload.id
+		WHERE task.id = $1`, input.TaskID); err != nil {
 		logging.LogError(err, "Failed to fetch task")
 		response.Error = err.Error()
 		return response

mythic-docker/src/rabbitmq/recv_mythic_rpc_keylog_create.go

@@ -38,11 +38,17 @@ func MythicRPCKeylogCreate(input MythicRPCKeylogCreateMessage) MythicRPCKeylogCr
 	}
 	task := databaseStructs.Task{}
 	if err := database.DB.Get(&task, `SELECT
-	callback.operation_id "callback.operation_id",
-	callback.host "callback.host"
-	FROM task
-	JOIN callback ON task.callback_id = callback.id
-	WHERE task.id = $1`, input.TaskID); err != nil {
+		task.id, task.status, task.completed, task.status_timestamp_processed, task.operator_id, task.operation_id,
+		callback.host "callback.host",
+		callback.user "callback.user",
+		callback.id "callback.id",
+		callback.display_id "callback.display_id",
+		payload.payload_type_id "callback.payload.payload_type_id",
+		payload.os "callback.payload.os"
+		FROM task
+		JOIN callback ON task.callback_id = callback.id
+		JOIN payload ON callback.registered_payload_id = payload.id
+		WHERE task.id = $1`, input.TaskID); err != nil {
 		logging.LogError(err, "Failed to fetch task")
 		response.Error = err.Error()
 		return response

mythic-docker/src/rabbitmq/recv_mythic_rpc_process_create.go

@@ -38,11 +38,17 @@ func MythicRPCProcessCreate(input MythicRPCProcessCreateMessage) MythicRPCProces
 	}
 	task := databaseStructs.Task{}
 	if err := database.DB.Get(&task, `SELECT
-	callback.operation_id "callback.operation_id",
-	callback.host "callback.host"
-	FROM task
-	JOIN callback ON task.callback_id = callback.id
-	WHERE task.id = $1`, input.TaskID); err != nil {
+		task.id, task.status, task.completed, task.status_timestamp_processed, task.operator_id, task.operation_id,
+		callback.host "callback.host",
+		callback.user "callback.user",
+		callback.id "callback.id",
+		callback.display_id "callback.display_id",
+		payload.payload_type_id "callback.payload.payload_type_id",
+		payload.os "callback.payload.os"
+		FROM task
+		JOIN callback ON task.callback_id = callback.id
+		JOIN payload ON callback.registered_payload_id = payload.id
+		WHERE task.id = $1`, input.TaskID); err != nil {
 		logging.LogError(err, "Failed to fetch task")
 		response.Error = err.Error()
 		return response

mythic-docker/src/rabbitmq/recv_mythic_rpc_process_search.go

@@ -52,15 +52,13 @@ func MythicRPCProcessSearch(input MythicRPCProcessSearchMessage) MythicRPCProces
 	paramDict := make(map[string]interface{})
 	task := databaseStructs.Task{}
 	if err := database.DB.Get(&task, `SELECT 
-	task.id,
-	callback.operation_id "callback.operation_id"
+	task.id, task.operation_id
 	FROM task
-	JOIN callback ON task.callback_id = callback.id
 	WHERE task.id=$1`, input.TaskID); err != nil {
 		response.Error = err.Error()
 		return response
 	} else {
-		paramDict["operation_id"] = task.Callback.OperationID
+		paramDict["operation_id"] = task.OperationID
 		searchString := `SELECT * FROM mythictree WHERE operation_id=:operation_id AND tree_type='process' `
 		if input.SearchProcess.Host != nil {
 			paramDict["host"] = fmt.Sprintf("%%%s%%", *input.SearchProcess.Host)

mythic-docker/src/rabbitmq/recv_mythic_rpc_token_create.go

@@ -41,11 +41,17 @@ func MythicRPCTokenCreate(input MythicRPCTokenCreateMessage) MythicRPCTokenCreat
 	}
 	task := databaseStructs.Task{}
 	if err := database.DB.Get(&task, `SELECT
-	callback.operation_id "callback.operation_id",
-	callback.host "callback.host"
-	FROM task
-	JOIN callback ON task.callback_id = callback.id
-	WHERE task.id = $1`, input.TaskID); err != nil {
+		task.id, task.status, task.completed, task.status_timestamp_processed, task.operator_id, task.operation_id,
+		callback.host "callback.host",
+		callback.user "callback.user",
+		callback.id "callback.id",
+		callback.display_id "callback.display_id",
+		payload.payload_type_id "callback.payload.payload_type_id",
+		payload.os "callback.payload.os"
+		FROM task
+		JOIN callback ON task.callback_id = callback.id
+		JOIN payload ON callback.registered_payload_id = payload.id
+		WHERE task.id = $1`, input.TaskID); err != nil {
 		logging.LogError(err, "Failed to fetch task")
 		response.Error = err.Error()
 		return response