search

MythicAgents / Apollo

A .NET Framework 4.0 Windows Agent
BSD 3-Clause "New" or "Revised" License
432 stars 90 forks source link

Error creating tasks : AttributeError: 'RPCResponse' object has no attribute 'message' #93

Closed Nicknam3 closed 2 years ago

Nicknam3 commented 2 years ago

Hi the Team,

I originally opened a case on https://github.com/its-a-feature/Mythic/issues/197, but was told that it would be better here. Here is my problem.

I've some issue when using register_assembly or powershell_import:

[-] apollo ran into an error processing powershell_import: 
'RPCResponse' object has no attribute 'message'
Traceback (most recent call last):
  File "/usr/local/lib/python3.8/site-packages/mythic_payloadtype_container/mythic_service.py", line 277, in callback
    final_task = await Command.create_tasking(task)
  File "/Mythic/mythic/agent_functions/powershell_import.py", line 54, in create_tasking
    raise Exception("Failed to create subtask: {}".format(response.message))
AttributeError: 'RPCResponse' object has no attribute 'message'

'RPCResponse' object has no attribute 'message'
Traceback (most recent call last):
  File "/usr/local/lib/python3.8/site-packages/mythic_payloadtype_container/mythic_service.py", line 277, in callback
    final_task = await Command.create_tasking(task)
  File "/Mythic/mythic/agent_functions/register_assembly.py", line 54, in create_tasking
    raise Exception("Failed to create subtask: {}".format(response.message))
AttributeError: 'RPCResponse' object has no attribute 'message'

It's ok when i use some other commands : run, mkdir, ls, etc.

Any idea ?

Thanks,

Nicknam3

Nicknam3 commented 2 years ago

If needed:

sudo ./mythic-cli logs mythic_server

[2022-03-22 21:50:57 +0000] [32] [INFO] len of redis list for SOCKS:5:ToAgent is 0
[2022-03-22 21:51:07 +0000] [32] [INFO] len of redis list for SOCKS:5:ToAgent is 0
[2022-03-22 21:51:16 +0000] [32] [INFO] len of redis list for SOCKS:5:ToAgent is 0
[2022-03-22 21:51:25 +0000] [32] [INFO] len of redis list for SOCKS:5:ToAgent is 0
[2022-03-22 21:51:37 +0000] [32] [INFO] len of redis list for SOCKS:5:ToAgent is 0
[2022-03-22 21:51:48 +0000] [32] [INFO] len of redis list for SOCKS:5:ToAgent is 0
[2022-03-22 21:52:00 +0000] [32] [INFO] len of redis list for SOCKS:5:ToAgent is 0
[2022-03-22 21:52:07 +0000] [32] [INFO] len of redis list for SOCKS:5:ToAgent is 0
[2022-03-22 21:52:19 +0000] [32] [INFO] len of redis list for SOCKS:5:ToAgent is 0
[2022-03-22 21:52:31 +0000] [32] [INFO] len of redis list for SOCKS:5:ToAgent is 0
[2022-03-22 21:52:39 +0000] [32] [INFO] len of redis list for SOCKS:5:ToAgent is 0
[2022-03-22 21:52:51 +0000] [32] [INFO] len of redis list for SOCKS:5:ToAgent is 0
[2022-03-22 21:53:02 +0000] [32] [INFO] len of redis list for SOCKS:5:ToAgent is 0
[2022-03-22 21:53:02 +0000] [32] [INFO] CREATED TASK 64
[2022-03-22 21:53:02 +0000] [32] [INFO] SUBMITTING 64 TO CONTAINER
[2022-03-22 21:53:02 +0000] [32] [INFO] RABBITMQ GOT CREATE_TASK INFO BACK FROM CONTAINER FOR 64 WITH STATUS CODE success
[2022-03-22 21:53:02 +0000] [32] [INFO] RABBITMQ CALLED UPDATE ON TASK BACK FROM CONTAINER FOR 64 WITH STATUS submitted FROM CREATE_TASKING
[2022-03-22 21:53:14 +0000] [32] [INFO] len of redis list for SOCKS:5:ToAgent is 0
[2022-03-22 21:53:25 +0000] [32] [INFO] len of redis list for SOCKS:5:ToAgent is 0
[2022-03-22 21:53:25 +0000] [32] [INFO] {'status': 'success'}
[2022-03-22 21:53:25 +0000] [36] [INFO] Setting task 64 status to: completed with completion status: True
[2022-03-22 21:53:25 +0000] [36] [INFO] issuing task callback functions for task 64 with status: completed
[2022-03-22 21:53:34 +0000] [32] [INFO] len of redis list for SOCKS:5:ToAgent is 0
[2022-03-22 21:53:46 +0000] [32] [INFO] len of redis list for SOCKS:5:ToAgent is 0
its-a-feature commented 2 years ago

I just ran apollo and was able to do powershell_import just fine, so I think there's some other issue that's bubbling up somewhere.

In the Mythic folder, you'll see a Payload_Types folder. Can you then look at Mythic/Payload_Types/apollo/mythic/agent_functions/powershell_import.py (https://github.com/MythicAgents/Apollo/blob/master/Payload_Type/apollo/mythic/agent_functions/powershell_import.py#L54) and you'll see that line it's erroring on. If you change that from response.message to response.error.

Then do sudo ./mythic-cli payload start apollo <-- that'll restart the apollo container with that updated python code.

Then run your powershell_import task again and this time the proper error should get bubbled up instead. Can you share that here?

Nicknam3 commented 2 years ago

Thanks for the help @its-a-feature ^^

Here it is:

[-] apollo ran into an error processing powershell_import: 
Failed to create subtask: register_file is not loaded in this callback
Nicknam3 commented 2 years ago

So, i will add register_file that i forgot on my new agent build ^

its-a-feature commented 2 years ago

Ah yup, that'll do it! Glad it was an easy fix :)

Nicknam3 commented 2 years ago

Thanks !!! ^^