The imix agent right now may start before the host has an IP address as was the case for many pfsense boxes during ISTS. Since imix currently only grabs the Host IP at startup it cannot update itself once the host has an IP.
Imix should check the host's IP address every check-in this is more realistic too since hosts may change IP when using DHCP.
Currently the primary_ip is set in implants/imix/src/config.rs
impl Default for Config {
fn default() -> Self {
let agent = pb::c2::Agent {
identifier: format!("imix-v{}", VERSION),
};
let host = pb::c2::Host {
name: whoami::hostname(),
identifier: get_host_id(get_host_id_path()),
platform: get_host_platform() as i32,
primary_ip: get_primary_ip(),
};
Instead it should happen during the callback_loop in implants/imix/src/agent.rs
Cictrone
commented
8 months ago
The imix agent right now may start before the host has an IP address as was the case for many pfsense boxes during ISTS. Since imix currently only grabs the Host IP at startup it cannot update itself once the host has an IP.
Imix should check the host's IP address every check-in this is more realistic too since hosts may change IP when using DHCP.
Currently the
primary_ipis set inimplants/imix/src/config.rsInstead it should happen during the
callback_loopinimplants/imix/src/agent.rs