From 0530e11c928c2ca8b19b3de180938047356d51fa Mon Sep 17 00:00:00 2001
From: Hulto <7121375+hulto@users.noreply.github.com>
Date: Wed, 10 Jul 2024 01:45:58 +0000
Subject: [PATCH 1/4] Fix env unwrap
---
 implants/lib/host_unique/src/env.rs | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)
diff --git a/implants/lib/host_unique/src/env.rs b/implants/lib/host_unique/src/env.rs
index 0ed7191a6..4c30bda36 100644
--- a/implants/lib/host_unique/src/env.rs
+++ b/implants/lib/host_unique/src/env.rs
@@ -17,7 +17,14 @@ impl HostIDSelector for Env {
 }
 fn get_host_id(&self) -> Option {
- let host_id_env = env::var("IMIX_HOST_ID").unwrap();
+ let host_id_env = match env::var("IMIX_HOST_ID") {
+ Ok(res) => res,
+ Err(_err) => {
+ #[cfg(debug_assertions)]
+ log::debug!("No environment variable set {:?}", _err);
+ return None;
+ }
+ };
 match Uuid::parse_str(&host_id_env) {
 Ok(res) => Some(res),
 Err(_err) => {
From dff9721ab86ff135b97affa988acfaffa1fea084 Mon Sep 17 00:00:00 2001
From: Hulto <7121375+hulto@users.noreply.github.com>
Date: Wed, 10 Jul 2024 01:46:08 +0000
Subject: [PATCH 2/4] gen update
---
 implants/lib/pb/src/generated/c2.rs | 1 -
 implants/lib/pb/src/generated/eldritch.rs | 1 -
 2 files changed, 2 deletions(-)
diff --git a/implants/lib/pb/src/generated/c2.rs b/implants/lib/pb/src/generated/c2.rs
index c388d9b63..85563379b 100644
--- a/implants/lib/pb/src/generated/c2.rs
+++ b/implants/lib/pb/src/generated/c2.rs
@@ -1,4 +1,3 @@ -// This file is @generated by prost-build. /// Agent information to identify the type of beacon. #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)]
diff --git a/implants/lib/pb/src/generated/eldritch.rs b/implants/lib/pb/src/generated/eldritch.rs
index ac4647c34..6c7cac2b2 100644
--- a/implants/lib/pb/src/generated/eldritch.rs
+++ b/implants/lib/pb/src/generated/eldritch.rs
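Review bot: In `get_host_id` (implants/lib/host_unique/src/env.rs, PATCH 1/4), the new `Err(_err)` arm logs "No environment variable set" for every `env::var` failure, but `env::var` also returns `VarError::NotUnicode` when `IMIX_HOST_ID` is set to a non-UTF-8 value, so the debug message can name the wrong cause; a neutral message such as `log::debug!("IMIX_HOST_ID could not be read: {:?}", _err);` covers both cases. The hunks in this series show a test only for the variable being set (`test_id_env`), so the `None` path this change introduces appears untested; a test that calls `std::env::remove_var("IMIX_HOST_ID")` and asserts `Env {}.get_host_id().is_none()` would pin it, keeping in mind that both tests would then touch process-global environment state. The body of `get_host_id` continues past the end of the hunk.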
@@ -1,4 +1,3 @@ -// This file is @generated by prost-build. /// Tome for eldritch to execute. #[allow(clippy::derive_partial_eq_without_eq)] #[derive(Clone, PartialEq, ::prost::Message)]
From 7b04aa7f0695e53cfb5c6e2e76a6fc23c65f5189 Mon Sep 17 00:00:00 2001
From: Hulto <7121375+hulto@users.noreply.github.com>
Date: Wed, 10 Jul 2024 01:49:39 +0000
Subject: [PATCH 3/4] Fix docs.
---
 docs/_docs/dev-guide/imix.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/docs/_docs/dev-guide/imix.md b/docs/_docs/dev-guide/imix.md
index be18703ec..27c206b05 100644
--- a/docs/_docs/dev-guide/imix.md
+++ b/docs/_docs/dev-guide/imix.md
@@ -27,13 +27,13 @@ Out of the box realm comes with two options `File` and `Env` to determine what h
 If no selectors succeed a random UUID4 ID will be generated and used for the bot. This should be avoided.
-## Develop A Host Uniqueness Engine
+## Develop A Host Uniqueness Selector
 To create your own:
 - Navigate to `implants/lib/host_unique`
 - Create a file for your selector `touch mac_address.rs`
-- Create an implementation of the `HostUniqueEngine`
+- Create an implementation of the `HostIDSelector`
 ```rust
 use uuid::Uuid;
From 9b1aff3739c31d4c22994cd11c07ba5d457571be Mon Sep 17 00:00:00 2001
From: Hulto <7121375+hulto@users.noreply.github.com>
Date: Wed, 10 Jul 2024 01:54:55 +0000
Subject: [PATCH 4/4] Finish engine to selector
---
 docs/_data/toc.yml | 6 +++---
 docs/_docs/user-guide/imix.md | 4 ++--
 implants/lib/host_unique/src/env.rs | 4 ++--
 implants/lib/host_unique/src/file.rs | 6 +++---
 4 files changed, 10 insertions(+), 10 deletions(-)
diff --git a/docs/_data/toc.yml b/docs/_data/toc.yml
index dbc9c4bbd..60f90a9ce 100644
--- a/docs/_data/toc.yml
+++ b/docs/_data/toc.yml
@@ -60,9 +60,9 @@ url: "dev-guide/imix"
 children:
 - title: "Overview"
- url: "dev-guide/eldritch#overview"
- - title: "Developing a host uniqueness engine"
- url: "dev-guide/eldritch#develop-a-host-uniqueness-engine"
+ url: "dev-guide/imix#overview"
+ - title: "Develop a host uniqueness selector"
+ url: "dev-guide/imix#develop-a-host-uniqueness-selector"
 - title: "About"
 url: ""
 # Index
diff --git a/docs/_docs/user-guide/imix.md b/docs/_docs/user-guide/imix.md
index 2bb6e7f00..c1a8c30df 100644
--- a/docs/_docs/user-guide/imix.md
+++ b/docs/_docs/user-guide/imix.md
@@ -67,9 +67,9 @@ We recommend that you use the `File` for the most reliability:
 - Garunteed to be unique per host (because the bot creates it)
 - Can be used by multiple instances of the beacon on the same host.
-If you cannot use the `File` engine we highly recommend manually setting the `Env` engine with the environment variable `IMIX_HOST_ID`. This will override the `File` one avoiding writes to disk but must be managed by the operators.
+If you cannot use the `File` selector we highly recommend manually setting the `Env` selector with the environment variable `IMIX_HOST_ID`. This will override the `File` one avoiding writes to disk but must be managed by the operators.
-If all uniqueness engines fail imix will randomly generate a UUID to avoid crashing.
+If all uniqueness selectors fail imix will randomly generate a UUID to avoid crashing.
 This isn't ideal as in the UI each new beacon will appear as thought it were on a new host.
 ## Static cross compilation
diff --git a/implants/lib/host_unique/src/env.rs b/implants/lib/host_unique/src/env.rs
index 4c30bda36..96e96ec71 100644
--- a/implants/lib/host_unique/src/env.rs
+++ b/implants/lib/host_unique/src/env.rs
@@ -45,8 +45,8 @@ mod tests {
 #[test]
 fn test_id_env() {
 std::env::set_var("IMIX_HOST_ID", "f17b92c0-e383-4328-9017-952e5d9fd53d");
- let engine = Env {};
- let id = engine.get_host_id().unwrap();
+ let selector = Env {};
+ let id = selector.get_host_id().unwrap();
 assert_eq!(id, uuid!("f17b92c0-e383-4328-9017-952e5d9fd53d"));
 }
diff --git a/implants/lib/host_unique/src/file.rs b/implants/lib/host_unique/src/file.rs
index d67deb7a1..7ba56c93f 100644
--- a/implants/lib/host_unique/src/file.rs
+++ b/implants/lib/host_unique/src/file.rs
@@ -96,11 +96,11 @@ mod tests {
 let tmp_file = NamedTempFile::new().unwrap();
 let path = String::from(tmp_file.path().to_str().unwrap());
- let engine = File {
+ let selector = File {
 path_override: Some(path),
 };
- let id_one = engine.get_host_id();
- let id_two = engine.get_host_id();
+ let id_one = selector.get_host_id();
+ let id_two = selector.get_host_id();
 assert_eq!(id_one, id_two);
 }