- cutting the release again
- Updated to merge in PR for adding OperationID to SendMythicRPCFileSearch functionality
- Fixed an issue with SendMythicRPCPayloadUpdateBuildStep having a lowercase b instead of B
- To preserve backwards compatability SendMythicRPCPayloadUpdatebuildStep just calls the right one
- Updated the
start_and_run_foreverloop from PR #30 from NetPenguins/main for Python 3.14 updates
- Adding support for specifying custom rabbitmq vhost and username
- Updated SendMythicRPCTaskCreate to require OperatorID, TaskID, or EventStepInstanceID
- This is needed to associate the new task with the appropriate user instead of the callback creator
- Added new fields to the CustomBrowser Export functionality
- Added ability to create file with OperationID and OperatorID
- Added new
CustomBrowserclass inCustomBrowserBase - Added new
HideConditionOperandvalues for PayloadType's BuildParameter Hide Conditions - Added
verifier_regexoption to Command Parameters - Updated imports in
__init__.pyfor MythicGoRPC - Updated
SendMythicRPCCallbackCreateto allow supplyingCwd,ImpersonationContext, andProcessNameparameters - Updated
MythicRPCCallbackDisplayToRealIdSearchto supplyNoneinstead of default""forOperationName - Updated
MythicRPCTaskDisplayToRealIdSearchto supplyNoneinstead of default""forOperationName - Updated
SendMythicRPCCallbackUpdateto allow supplyingCwd,ImpersonationContext, andDeadparameters - Added
SendMythicRPCCallbackTokenSearch - Added
SendMythicRPCCustomBrowserSearch - Updated
ContainerVersionto"v1.4.1"
- Merging PR for getIOC and getSampleMessage fixes
- Updating failsafe checks for a few MythicRPC calls to account for missing parameters
- Added SendMythicRPCCallbackEdgeRemove
- Added SendMythicRPCHandleAgentMessageJson
- Updated the following MythicRPC calls to be consistent about CallbackID, AgentCallbackID, and the use of ID in general:
- CallbackID is always an Int, AgentCallbackID is the UUID string, and all ID variables should have capital ID not Id
- SendMythicRPCCallbackAddCommand: CallbackAgentUUID -> AgentCallbackID
- SendMythicRPCCallbackDecryptBytes: AgentCallbackUUID -> AgentCallbackID
- SendMythicRPCCallbackEdgeSearch: AgentCallbackUUID -> AgentCallbackID, AgentCallbackID -> CallbackID
- SendMythicRPCCallbackEncryptBytes: AgentCallbackUUID -> AgentCallbackID
- SendMythicRPCCallbackRemoveCommand: AgentCallbackUUID -> AgentCallbackID
- SendMythicRPCCallbackSearch: AgentCallbackUUID -> AgentCallbackID, AgentCallbackID -> CallbackID, SearchCallbackUUID -> SearchAgentCallbackID
- SendMythicRPCCallbackUpdate: AgentCallbackUUID -> AgentCallbackID
- SendMythicRPCCallbackTokenCreate: TokenId -> TokenID
- SendMythicRPCFileGetContent: AgentFileId -> AgentFileID
- SendMythicRPCFileCreate: AgentFileId -> AgentFileID
- SendMythicRPCFileSearch: AgentFileId -> AgentFileID
- SendMythicRPCOperationEventLogCreate: TaskId -> TaskID, CallbackId -> CallbackID, CallbackAgentId -> AgentCallbackID, OperationId -> OperationID
- SendMythicRPCPayloadOnHostCreate: PayloadId -> PayloadID
- Failsafe checks are added to account for old naming, but warning messages are emitted when an old name is detected
- Added "ui_position" fields to Payload Type Build Parameters and C2 Profile Parameters
- Added "dynamic_query_function" option to Payload Type Build Parameters
- Fixed an issue with bad responses fetching files from Mythic is the response code wasn't 200
- Fixed an issue with missing parameters for webhook new callback data
- Fixed an issue with the callbackgraph edge search that wouldn't clear results between calls
- Fixed the processing for the callbackgraph edge search
- Fixed an issue with streaming long output from C2 profile debugging
- Added
semverfields to all service definitions - C2 Profiles can now report back agent_icon and dark_mode_agent_icon just like payload types
- Payload type build parameters now have a supported_os, group_name, and hide_conditions fields
- hide conditions allow you to specify when a specific build parameter should be hidden from user view
- group_name allows you to group like-parameters together in the UI
- supported_os allows you to limit build parameters to certain OS selections
- Payload type how has a c2 deviations parameter that allows you to modify fields of supported C2 profiles
- for example - alter the defaults, change dropdown options, hide parameters completely
- Updating for the PR adjusting how abstract classes are processed for command discovery in payload types
- Updated CommandBase to have an optional
supported_payload_typesattribute- this can be used if multiple payload types are defined within one container to restrict which commands are associated with each payload type
- Updated the custom logger code to not reinstantiate each time
- Updated the custom webhook code to not reinstantiate each time
- Merged a PR to fix an issue with a legacy RPC call
- Fixed the RabbitMQ endpoint name for the SendMythicRPCTagTypeGetOrCreate function
- Updated some of the logging and looping for RPC calls in rabbitmq
- Updated error message output for eventing response intercepts
- Added SearchParentTaskID options for MythicRPCTaskSearch
- Added MythicRPCTagCreate, MythicRPCTagSearch, and MythicRPCTagTypeGetOrCreate
- Added support for intercepting interactive task sub tasks for processing
- Added support to dynamic query functions to access "other_parameters" for context about what the other parameters have set
- Fixed variable name usage
- Added checks around crashing Eventing functions to catch errors and update proper event steps
- Reverted some rabbitmq changes
- Updated the ordering for syncing classes so that translation containers happen before payload types
- Fixed a bug with instantiating classes
- Updated CommandBase to have more explicit attributes instead of abstract properties
- Adding Python pieces for CallbackUpdate time and c2 profile components via MythicRPC
- Updated the MythicRPCCallbackSearch to allow specifying Payload Type names
- Updated the MythicRPCCallbackAddCommand and MythicRPCCallbackRemoveCommand functions to allow specifying list of callback IDs
- Updated the SendMythicRPCSyncPayloadType functionality to force Mythic to NOT re-call the on_start functionality
- This needs Mythic v3.3.1-rc31+
- Added ReprocessAtNewCommandPayloadType option for create_go_tasking response
- Added AgentCallbackID and PayloadType to MythicRPCCallbackAddCommand and MythicRPCCallbackRemoveCommand messages
- Added more checks when syncing commands to make sure that duplicates aren't processed
- Added new SendMythicRPCSync* functions in the base classes for the following classes
- PayloadBuilder
- This one in particular has you specify a set of additional commands (potentially dynamically created) to sync with Mythic
- WebhookBase
- AuthBase
- EventingBase
- LoggingBase
- This will allow you to make changes to your class definitions as needed and re-sync the updates to Mythic when you want
- PayloadBuilder
- Merged Evan McBroom's PR to fix missing imports in the MythicGoRPC Folder
- Added Evan McBroom's PR for multi-level inheritance (#12)
- Added support for specifying username/password for proxy stop
- Added support for specifying in the agent definition if original or display parameters should be used in the cli history
- This is an effort to reduce the amount of JSON users might see if they up/down arrow on the command line
- This defaults to false, but if you set it to true then you should make sure that your
response.DisplayParamsare a valid format for tasking
- Changed order of calls for C2 Syncing so that RabbitMQ listeners are started before syncing over data
- Added mutex around starting/stopping the internal server
- Updated many C2 RPC functions to allow them to ask for the internal server to restart
- Added explicit update function for c2 internal server status
- Added username/password options when starting socks proxy
- Added 'remove' option in hosting files via c2
- Fixed a typo in the JSON tag for the MythicRPCCallbackTokenCreate RPC call
- Updated Eventing-based functions to auto-set the eventstepinstance_id field on the response
- ContainerVersion v1.3.3
- Added support for PayloadUUID and StagingUUID to be used in MythicRPCCallbackEncryptBytes and MythicRPCCallbackDecryptBytes
- A new field,
C2Profilemust be provided with these so that the appropriate keys can be looked up
- A new field,
- Fixed awaited functions in eventing containers
- Added in container ReSync message acknowledgement for consuming containers to indicate uptime
- Added the option for
limit_credentials_by_typefor CredentialJson command parameters to limit the options in the UI dropdown to certain types
- Updated the processing of commands to not check command class module's parent path name, too error prone
- Updated payload type definition to support using legacy "note" field or updated "description" field
- Updated typed array parsing to fix bugs
- fixed typo when building payload
- fixed typo when building payload
- This is updated to work with Mythic 3.3+ and will cause some issues with Mythic 3.2 and below
- New Auth
- New Eventing
- New Build/C2/Command parameter options of ChooseOneCustom and FileMultiple
- New Logging options
- Added MythicRPCAPITokenCreate
- Added MythicRPCCallbackNextCheckinRange
- Added MythicRPCFilebrowserParsePath
- Updated PayloadTypes to store lowercase names locally and check against module names lower case
- This fixes an issue where a Capital payload type name and a lowercase module name won't sync together
- Fixed a typo in the SendMythicRPCFileBrowserCreate
- Added CallbackDisplayID, PayloadType, IsInteractiveTask, and InteractiveTaskType to task search and task log data
- Added InteractiveTaskType dictionary lookup in MythicCommandBase based on InteractiveTaskType
- Updated the processing of payload type commands to be based on root module name
- Added
Numberparameter type to build parameters to match C2 Profile Parameters - Updated package dependencies
- Added OperatorUsername and OperationName to PTTaskMessageCallbackData fields with Mythic 3.2.19
- Added
agent_typeattribute for Payload Types
- Added access to "Secrets" in tasking, dynamic queries, new callbacks, and payload builds
- Added
message_formatattribute for Payload Types for use later
- Fixed a bug where in some situations old style tasking would get improperly formatted typedarray args
- Fixed a breaking bug in parsing tasking for old create_tasking style when checking for typedArray functions
- Fixed a path that was too long on windows
- Updated the c2 profile sub-process code to not cause deadlocks and only keep the latest 100 messages from debug output
- Updated the typedarray_parse_function to be called after parse_dictionary or parse_arguments is called
- Parsing dictionary and arguments should simply make sure that there's data in the typed array parameter
- The
typedarray_parse_functionwill be called if the value after parse_dictionary or parse_arguments is[ ["", "string"], ["", "value" ]]or[ "value", "value" ]formats.- The first format with the empty first value is how Mythic's UI parsing will interpret the arrays
- Updated the DynamicFunctionQuery attributes to be optional and not required
- Removed the FileRegister MythicRPC Call
- Updated the FileCreate MythicRPC Call to allow TaskID, PayloadUUID, or AgentCallbackID to be supplied
- This makes it possible to register new files with Mythic during payload build, translation containers, etc
- Updated the DynamicQuery Parameters to now also have PayloadOS, PayloadUUID, CallbackDisplayID, and AgentCallbackID
- This should make it easier to use MythicRPC functionality to make more informed decisions
- Updated container version to v1.1.4, Needs Mythic v3.2.13+
- Added a new optional
on_new_callbackfunction to the PayloadType class- This allows you to take additional actions on a new callback based on your payload type
- Added new MythicRPC* functions for searching edges associated with a callback and for creating new tasks for a callback
- Needs Mythic v3.2.12+ to leverage new functionality
- Fixed an issue with async timeout in rabbitmq from issue #10
- Fixed the MythicRPCEncryptBytes and MythicRPCDecryptBytes functions to base64 decode the responses back from Mythic
- Added support for 'Number' parameter types for C2 Profiles
- Added support for 'File' parameter types for C2 Profiles
- Added gRPC classes for Push C2
- Added C2 RPC calls for hosting files
- Added PayloadType RPC calls for parsing TypedArray values
- Added TypedArray values for Build, Command, and C2 parameters
- Updated ProxyStart/ProxyStop commands to take an optional local_port of 0 and have it dynamically chosen
- Updated the processing of commands to only parse arguments in OPSECPre and CreateTasking
- Updated the processing of commands to add unknown args for other stages of tasking in case CreateTasking manipulates the total arguments
- Updated the MythicRPCTaskCreateSubtaskGroupMessageResponse response to take back a group of IDs rather than a single ID
- Updated to add
wrapped_payload_uuidfield for wrapper payloads to access UUID of wrapped payload during build - Updated token handling to always default to
Noneif token id is None or 0
- Updated the logging/webhook listeners to use unique names so we don't round robin messages
- Updated the type validation keys from a typo for CredentialJson parameter types
- Decoded response searches back to string instead of leaving as bytes
- Fixed some bugs with how translation services handle timeouts and reconnects
- Updated the final JSON string from tasking to not include Null values
- Updated the create tasking's Stdout to include information about which arguments aren't getting used and why