its-a-feature
commented
4 months ago Great question. The RPC call you're looking for is SendMythicRPCResponseCreate because you want to create a new response in the UI. I can see why you'd look to the TaskUpdate function, but in Mythic's database, Tasks and their Responses are separate tables. That's why updating a task is simply updating metadata about the task itself, whereas creating a new response for a task is what causes a new thing to show up in the UI.
ChoboSyk
Hey,
I've been having issues when returning operator defined results via output_message in the implants response. I'm trying to keep the implant source code as small as possible and as it's written in C with no libs JSON escaping the output can be a hassle. The implant already supports base64 encoding/decoding. I would like to define that user_output is base64 encoded and have it decoded server side before displayed back to the operator. I've tried with TaskFunctionProcessResponse/process_response but it doesn't appear to allow setting back the user_input in the response after having it decoded so it is shown directly in the UI to the operator. I've looked at the mythic RPC functions but can't figure which one to use in this case. SendMythicRPCTaskUpdate with an updated stdout doesn't show in the UI.
My attempt at using RPC to update the task result. I receive an update response of true with no errors. Printing out decodedStr shows it has the correct value. Still nothing appears in the task UI after.
Hopefully I didn't missing something super obvious :). Any help would be greatly appreciated.
Thank you!