spellshift / realm
Realm is a cross platform Red Team engagement platform with a focus on automation and reliability.
Home Page: https://docs.realm.pub/
License: GNU General Public License v3.0
Is your feature request related to a problem? Please describe.
Implement the main loop and callback mechanism for the imix agent.
Describe the solution you'd like
Describe alternatives you've considered
N/a
Additional context
N/a
| Target Release Date: | 3/3/2023 |
|---|---|
| Agent Support | Windows, Linux, MacOS |
| Teamserver Support | Yes |
| Eldritch Support | Limited |
| UI Support | in-dev |
imix agent on Windows, Linux, and MacOS platforms
Is your feature request related to a problem? Please describe.
We need a way to bulk import targets and tags at the start of an engagement.
Describe the solution you'd like
Create an endpoint that creates targets & tags based on a JSON array.
Describe the solution you'd like
Create a function time.format_to_readable function.
Should take an epoch time stamp, and a string to format the time stamp as. Eg "%Y %M %S"
Is your feature request related to a problem? Please describe.
Currently rely on a private fork of starlark-rust
Describe the solution you'd like
Switch back to the standard library.
Additional context
Switch was originally made when starlark-rust tests started failing due to rust nightly implementing a memory optimization.
This may require us to stay on rust nightly.
Describe the bug
Tests are failing for all PRs. As a contributor, I cannot see the output of the failing GitHub Actions runners.
To Reproduce
Steps to reproduce the behavior:
Expected behavior
As a contributor, I can see the resulting output of tests, failing or otherwise
Desktop (please complete the following information):
N/A, SaaS issue
Smartphone (please complete the following information):
N/A
Additional context
Is your feature request related to a problem? Please describe.
Eldritch doesn't have a way to check if a path is a file.
Describe the solution you'd like
Create a file.is_file function in eldritch.
Should take a path as a String and return true if it's a file and false if it doesn't exist or is a directory.
Add port scan function to eldritch.
https://github.com/vcsjones/rust_coreclr
^ would be a good starting point
Is your feature request related to a problem? Please describe.
Eldritch doesn't have a way to decrypt a file.
Describe the solution you'd like
Create a function crypto.decrypt_file.
Should take a src file path, dst file path, and an encryption key.
Should return a status code after writing the decrypted file to disk.
Should be thoroughly tested and work on Linux, Windows, and Mac.
Is your feature request related to a problem? Please describe.
Eldritch doesn't have a way to set file permissions or extended attributes.
Describe the solution you'd like
Create a function file.set_perms.
Should take user, group, perms...., and xattrs...
Should be thoroughly tested and work on Linux, Windows, and Mac.
Describe the solution you'd like
Create a time.format_to_epoch function should take a human readable timestamp, and a time format and return the epoch representation.
Is your feature request related to a problem? Please describe.
Eldritch does not have a simple way to get the name of a process from its PID.
Describe the solution you'd like
Implement a process.name function.
As titled.
Is your feature request related to a problem? Please describe.
Imix should be able to download and save files, for example from our CDN.
Describe the solution you'd like
Implement the file.Download eldritch method to download files. It must support HTTP(s), but other protocols (e.g. FTP & SFTP) would be useful.
Describe the bug
When multiple network based tests are running ports can be selected through allocate_localhost_unused_ports but by the time they get to setup_test_listener they can already have been bound.
To Reproduce
while true; do cargo test -- --skip test_process_shell_current_user --nocapture; sleep 1; done
Expected behavior
Tests should pass
Is your feature request related to a problem? Please describe.
Scaling our dev will become challenging if we continue to store large files like images in the repository.
Cloning down the repository will get slower and slower if different image revisions are stored in it Eg. how we currently manage the docs web pages.
Describe the solution you'd like
To solve this we should start using git-lfs a tool that will store large files outside the repository and just save a reference to the image which will then automatically be pulled based on the current working version.
Describe alternatives you've considered
None
Additional context
Current images in the repository.
/realm/docs/assets/images/.png
/realm/tavern/internal/www/public/.png
Need to be able to update eldritch in case it was wrong
Describe the bug
portscan testing is consuming too many resources in the CI runner causing unrelated tests to fail.
To Reproduce
Run the CI pipeline a couple times.
Expected behavior
Tests should pass independent of each other.
Is your feature request related to a problem? Please describe.
Create the ability to inject dlls into a target process on Windows.
Describe the solution you'd like
Add a basic CreateRemoteThread() dll inject function.
Describe alternatives you've considered
No alternatives considered.
Additional context
Is your feature request related to a problem? Please describe.
Eldritch doesn't have a way to create a file using jinja2 templates.
Describe the solution you'd like
Create a function file.template.
Should take a file path to a jinja2 template, some args to populate the template, and a destination.
Should be thoroughly tested and work on Linux, Windows, and Mac.
Is your feature request related to a problem? Please describe.
A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
Describe the solution you'd like
A clear and concise description of what you want to happen.
Describe alternatives you've considered
A clear and concise description of any alternative solutions or features you've considered.
Additional context
Add any other context or screenshots about the feature request here.
Implement Eldritch's file.mkdir function, which should exhibit the following behaviour:
/tmp/somedir/another/
if /tmp/somedir does not exist, it should be created
Is your feature request related to a problem? Please describe.
This issue exists to record the thought process around developing the pivot.ncat function in eldritch.
Describe the solution you'd like
The goal of this feature is to enable a user to send arbitrary text to a host, port, and protocol then receive a response if one exists.
**Solution**
Libraries:
**Testing**
Improve dev container build speeds by caching go module dependencies via go mod download
Describe the bug
We received no output back from this tome, expected an error from the following eldritch:
"print(sys.shell(input_vars[\"cmd\"]))"
Enable a dark mode toggle in the nav bar for our docs. It should persist the setting, such that subsequent page visits or reloads preserve the user’s choice.
Implement Eldritch's file.replace function, which should exhibit the following behaviour:
Is your feature request related to a problem? Please describe.
Eldritch doesn't have a way to search for files.
Describe the solution you'd like
Create a function file.find(name: String, path: String, file_type: Optional<String>, permissions: Optional<String>, modified_time: Optional<String>, create_time: Optional<String> )
Should take a file path to search.
Should take options for name, file type, permissions, modified time, create time.
Should be thoroughly tested and work on Linux, Windows, and Mac.
Is your feature request related to a problem? Please describe.
Eldritch doesn't have a way to encrypt a file.
Describe the solution you'd like
Create a function crypto.encrypt_file.
Should take a src file path, dst file path, and an encryption key.
Should return a status code after writing the encrypted file to disk.
Should be thoroughly tested and work on Linux, Windows, and Mac.
Describe the solution you'd like
Create a function time.now() to get the current epoch time.
Should return a number.
Is your feature request related to a problem? Please describe.
To allow users to pass parameters through Tavern tomes into imix the eldritch run function needs to accept parameters and pass them into the interpreter.
Describe the solution you'd like
tome_parameters to the eldritch_run function in eldritch/src/lib.rs
tome_parameters as a JSON string.
tome_parameters into a Dict or HashMap
get_eldritch function.
input_vars['cmd']
Describe alternatives you've considered
N/a
Additional context
N/a
Describe the bug
Some Eldritch job instances cause the Actions runner to enter a state where it no longer appears to be performing any actions, but remains running until some external timeout (generally > 1 hour). The errors do not appear to be specific to a single OS, as we have an example of an indefinite job running on each of the 3 operating systems we run tests on. It also does not appear to be limited to a single step in a workflow, as there are examples of this state occurring in both "build" and "test" steps.
Cancelling and re-running the failed job appears to fix the problem when a runner hits this state, which makes this bug inconsistent to reproduce.
To Reproduce
Steps to reproduce the behavior:
Expected behavior
When running a GitHub Actions workflow for Eldritch steps the workflow completes in an amount of time consistent from run-to-run.
Desktop (please complete the following information):
Smartphone (please complete the following information):
N/A
Additional context
Since cancelling and re-running the failed job appears to fix the problem, a working mitigation should be to add a workflow timeout to the Eldritch workflows.
Describe the bug
When build container starts it has the libssl1.1 library but not the libssl-dev library which is required by the openssl-sys crate.
To Reproduce
Steps to reproduce the behavior:
Expected behavior
The project should compile out of the box with the dev container
Desktop (please complete the following information):
https://docs.realm.pub
Twitter icon at the bottom links to:
Is your feature request related to a problem? Please describe.
Eldritch doesn't have a way to compress a file.
Describe the solution you'd like
Create a function file.compress.
Should take a file path and an archive path.
Should create a compressed archive from the source path.
Should be thoroughly tested and work on Linux, Windows, and Mac.
Describe the bug
When compiling eldritch the download impl throws a warning of used Result.
To Reproduce
Steps to reproduce the behavior:
Additional context
@Milkshak3s Sorry missed this during review when you get a chance can you push a PR.
Is your feature request related to a problem? Please describe.
Eldritch doesn't have a way to decompress a file.
Describe the solution you'd like
Create a function file.decompress.
Should take a destination path and an archive path.
Should create the original files from the archive into the destination folder.
Should be thoroughly tested and work on Linux, Windows, and Mac.
Implement Eldritch's file.replace function, which should exhibit the following behaviour:
Describe the bug
When compiling the eldritch package the build fails on compiling starlark v0.6.0
To Reproduce
Steps to reproduce the behavior:
cargo build
Expected behavior
The package should compile without error.
Additional context
I've tried using starlark v0.7.1 and v0.8.0 with no luck.
Testing with an empty project a different seemingly related error occurs.
Current main raises compiler warnings when built.
Resolve these issues and PR.
Is your feature request related to a problem? Please describe.
Create an inline way to run the eldritch interpreter without a c2.
This will allow us to leverage the eldritch language to do deployment and serve as a replacement to GScript and Ansible.
Describe the solution you'd like
Goal:
/bin/sh -c "whoami"
we can have /bin/golem
Reach goal:
Describe alternatives you've considered
Using GScript or ansible for deployment.
GScript is unmaintained and unreliable. It also doesn't integrate with our existing tome workflow.
Ansible has a number of requirements like allowing SSH inbound, having a common user, and known password / certificate.
Implement Eldritch's file.write function, which should exhibit the following behaviour:
Is your feature request related to a problem? Please describe.
Eldritch doesn't have a way to execute files.
Describe the solution you'd like
Create a function sys.exec that allows a user to execute a file on the system through the eldritch language.
Describe the bug
Working on imix and unclear on what data I should expect in the nested JSON for Tome.parameters.
Would also be nice to see docs around the createTome parameters field I know that will specify the variable names and types and createTask/claimTask will specify values populated in those fields.
We need to be able to differentiate what OS a session is on in an easy way
Is your feature request related to a problem? Please describe.
We need a way to upload new tomes.
Describe the solution you'd like
Multi-file upload that creates a tome (UI web form responsible for doing this)
Describe alternatives you've considered
We decided that uploading tar.gz would be too complex for users, UI can guide them through defining the metadata.yml
Additional context
Add any other context or screenshots about the feature request here.
Show who created / queued a job (edge to auth'd user)