bluecmd
commented
2 years ago @djhohnstein Ready for review! :-)
Closed bluecmd closed 1 year ago
bluecmd
commented
2 years ago @djhohnstein Ready for review! :-)
djhohnstein
commented
1 year ago Please retarget this PR to the dev branch instead of master and I can merge it in!
bluecmd
commented
1 year ago @djhohnstein Done!
As discussed on slack;
Change is tested on my local Mythic instance to the best of my ability.
Problem A
Currently an idle Apollo agent will always consume somewhere around 1 full CPU-core due to the task manager loop not backing off if there is nothing to process.
Problem B.1
The staging RSA key is generated for every connection attempt unless the EKE has completed. This causes quite high CPU usage during the initial phase if multiple attempts has to be done.
Problem B.2
If the initial checkin fails for some reason, it is immediately retried potentially flooding requests.
Fixes
I propose:
1) yielding back to the scheduler when there is nothing to do
2) waiting a bit before retrying initial checkin
3) caching the staging RSA key for EKE
Before the fixes, the worst case (an agent unable to connect to Mythic) looks like this in a profiler:
After fixes this is how VS 2019 shows the CPU graph. We can see the initial RSA generation, and then seemingly no other noticeable CPU consumers.