kcarretto / arsenal Goto Github PK

• Implement API Endpoint
• Write Unit Test

Implement unit tests to ensure basic functionality of the Action API

• Implement Model Structure
• Implement relevant model functionality
• Develop model unit tests

Allow an optional flag that causes the teamserver to verify connection to c2 servers (via icmp) when updating a session's config to point to new servers. This would only work if the C2 were public, but it could potentially help to avoid catastrophic errors.

• Implement API Endpoint
• Write Unit Test

• Implement API Endpoint
• Write Unit Test

• Implement API Endpoint
• Write Unit Test

Ensure that all necessary things are documented.

Determine an efficient way to store the required data.

• Implement API Endpoint
• Write Unit Test

• Implement Model Structure
• Implement relevant model functionality
• Implement Model Unit Tests

target API tests were broken during the unit test refactor, and they need to be fixed immediately.

Should handle JSON post requests and be able to call appropriate methods.

Thorough documentation is needed for users to be able to create their own Agents, both for working with the existing C2 and working for a custom C2.

https://docs.mongodb.com/v3.0/core/indexes-introduction/

• Implement API Endpoint
• Write Unit Test

• Implement API Endpoint
• Write Unit Test

Note that this exists in the source code, it just needs to be pulled out into a markdown documentation file.

• Implement API Endpoint
• Write Unit Test

Eliminate the TODO's that say to raise / handle exceptions. Ensure proper exceptions are raised, and that they are handled such that the proper error message is relayed to the user.

Action type exec returns 1 on server. Docs say exec is Action 0.

• Implement API Endpoint
• Write Unit Test

I need the target IP address included in the webhook

Plan on using dynamic facts to identify targets, meaning that we can configure the teamserver to use different criteria to distinguish targets.

1. Only use MAC Addresses (Default)
2. Use a combination of facts (i.e. MAC Address, external_ip)
3. Use a UUID file on the file system.

In the case that MAC Addresses are configured exactly the same for each team, and we cannot utilize a C2 on the internal network, we will be forced to resort to option 3. This will be enforced as follows:

1. The agent's configuration will be set with a special reserved key "uuid_file", which has the value of a path.
2. The agent checks to see if that file exists, if not, it will write the identifier from the "generated_uuid" field that will also be present in the config and write it to the file. If the file exists, it will read the identifier from the file.
3. It will then reinitialize (i.e. respond with no session id) and include the "uuid" field in it's JSON beacon.

This will clearly distinguish Targets in a worst case scenario situation, however file identification will only be used as a last resort.

The --quick flag would specify that we want the output of the command as soon as possible, and so the teamserver should save the Action for the Target's lowest interval session.