updated the directory a little, removed docker support (outdated), cleaned up some files, updated release

.github/workflows/docker-base-test.yml

@@ -1,17 +0,0 @@
-name: Docker Image CI Test
-
-on:
-  pull_request:
-    branches-ignore:
-      - main
-
-jobs:
-  build:
-    runs-on: ubuntu-latest
-
-    steps:
-    - uses: actions/checkout@v3
-    - name: Build the Client Docker Image
-      run: docker build . --file ./client/GA-Client --tag ga-havoc-client:$(date +%s)
-    - name: Build the Teamserver Docker Image
-      run: docker build . --file ./teamserver/GA-Teamserver --tag ga-havoc-teamserver:$(date +%s)

JC-Dockerfile

@@ -1,74 +0,0 @@
-# Jenkins LTS DOCKERFILE for Havoc-C2-client
-# Havoc-Client
-#
-# Usage:
-#    Build the image:
-#       sudo docker build -t jenkins-havoc-client -f JCDockerfile .
-#
-#   Create a persistent data store:
-#	sudo docker volume create jenkins-havoc-client
-#
-#    Run the image:
-#       sudo docker run -p8080:8080 -it -d -v jenkins-havoc-client-data:/Data jenkins-havoc-client
-#
-############################
-#
-FROM jenkins/jenkins:lts
-#
-# ---- Install via APT ----
-USER root
-RUN echo 'deb http://ftp.de.debian.org/debian bookworm main' >> /etc/apt/sources.list
-# 
-# ---- Establish Volumes ----
-#
-VOLUME /var/jenkins_home
-#
-# ---- Setup Jenkins ----
-ENV JAVA_OPTS -Djenkins.install.runSetupWizard=false
-ENV CASC_JENKINS_CONFIG /var/jenkins_home/casc.yaml
-COPY plugins.txt /usr/share/jenkins/ref/plugins.txt
-#
-# ------------------Install Extra Software & Tools------------------
-#
-# ----Env Setup----
-# RUN mkdir /Tools
-# CHMOD 777 /Tools
-# 
-# ----Supporting Tooling----
-USER root
-# # Install Jenkins Plugins
-RUN jenkins-plugin-cli --plugin-file /usr/share/jenkins/ref/plugins.txt
-# one liner: apt-get update && apt-get install -y libfontconfig1 libglu1-mesa-dev libgtest-dev libspdlog-dev libboost-all-dev mesa-common-dev qtbase5-dev qtchooser qt5-qmake qtbase5-dev-tools libqt5websockets5 libqt5websockets5-dev qtdeclarative5-dev
-RUN  apt-get update && apt-get install -y libfontconfig1 libglu1-mesa-dev libgtest-dev libspdlog-dev libboost-all-dev mesa-common-dev qtbase5-dev qtchooser qt5-qmake qtbase5-dev-tools libqt5websockets5 libqt5websockets5-dev qtdeclarative5-dev
-# Build cmake as the repo version is out-of-date...
-USER root
-RUN apt install -y wget
-RUN wget https://github.com/Kitware/CMake/releases/download/v3.24.1/cmake-3.24.1-Linux-x86_64.sh -O cmake.sh
-RUN sh cmake.sh --prefix=/usr/local/ --exclude-subdir
-#
-# Install Jenkins Plugins
-RUN jenkins-plugin-cli --plugin-file /usr/share/jenkins/ref/plugins.txt
-#
-# 'streamline' build process:
-RUN apt install -y build-essential cmake make python3-dev qtbase5-dev libqt5websockets5-dev libspdlog-dev libboost-all-dev g++ gcc
-# Setting up latest Go
-RUN wget https://go.dev/dl/go1.19.1.linux-amd64.tar.gz -O go1.19.1.tar.gz
-RUN rm -rf /usr/local/go && tar -C /usr/local -xzf go1.19.1.tar.gz
-RUN echo 'export PATH=$PATH:/usr/local/go/bin' > /var/jenkins_home/.profile
-RUN cp /usr/local/go/bin/go /usr/bin/go
-RUN go version
-#
-RUN apt install -y python3.10-dev libpython3.10 libpython3.10-dev python3.10 build-essential zlib1g-dev libncurses5-dev libgdbm-dev libnss3-dev libssl-dev libreadline-dev libffi-dev libsqlite3-dev wget libbz2-dev
-# Manual Python 3.10 install
-#RUN wget https://www.python.org/ftp/python/3.10.0/Python-3.10.0.tgz
-#RUN tar -xvf Python-3.10.0.tgz
-#RUN cd Python-3.10.0 && ./configure --enable-optimizations && make -j 2 && nproc
-#RUN cd Python-3.10.0 && make altinstall
-#RUN python3.10 --version
-#
-# Copy over Havoc Client files for local build
-COPY ./client Build/
-RUN chmod -R 777 Build/
-#
-USER jenkins
-

JT-Dockerfile

@@ -1,84 +0,0 @@
-# Jenkins LTS DOCKERFILE for Havoc-C2-teamserver
-# Havoc-Teamserver
-#
-# Usage:
-#    Build the image:
-#	sudo docker build -t jenkins-havoc-teamserver -f JT-Dockerfile .
-#
-#    Run the image:
-#	docker run -p8080:8080 -it -d -v havoc-c2-data:/Data jenkins-havoc-teamserver
-#
-###################################################################
-FROM jenkins/jenkins:lts
-#
-# ---- Install via APT ----
-USER root
-USER jenkins
-# 
-# ---- Establish Volumes ----
-#
-VOLUME /var/jenkins_home
-#
-# ---- Setup Jenkins ----
-ENV JAVA_OPTS -Djenkins.install.runSetupWizard=false
-ENV CASC_JENKINS_CONFIG /var/jenkins_home/casc.yaml
-COPY plugins.txt /usr/share/jenkins/ref/plugins.txt
-#
-# ----Further Customize Jenkins through custom groovy scripts:----
-# COPY custom.groovy /usr/share/jenkins/ref/init.groovy.d/custom.groovy
-#
-# ------------------Install Extra Software & Tools------------------
-#
-# ----Env Setup----
-# RUN mkdir /Tools
-# CHMOD 777 /Tools
-# 
-# ----Build Env Stuff----
-USER root
-ENV PATH=/root/.local/bin:$PATH
-ENV USER=root
-RUN apt update \
-	&& apt -y install \
-	alien \
-	debhelper \
-	devscripts \
-	golang-go \
-	nasm \
-	mingw-w64 \
-	dh-golang \
-	dh-make \
-	fakeroot \
-	pkg-config \
-	python3-all-dev \
-	python3-pip \
-	rpm \
-	sudo \
-	upx-ucl \
-	wget \
-	&& pip install --upgrade jsonschema
-#
-# Build cmake as the repo version is out-of-date...
-RUN wget https://github.com/Kitware/CMake/releases/download/v3.24.1/cmake-3.24.1-Linux-x86_64.sh -O cmake.sh
-RUN sh cmake.sh --prefix=/usr/local/ --exclude-subdir
-#
-# Setting up latest Go
-RUN wget https://go.dev/dl/go1.19.1.linux-amd64.tar.gz -O go1.19.1.tar.gz
-RUN rm -rf /usr/local/go && tar -C /usr/local -xzf go1.19.1.tar.gz
-RUN echo 'export PATH=$PATH:/usr/local/go/bin' > /var/jenkins_home/.profile
-RUN rm /usr/bin/go
-RUN cp /usr/local/go/bin/go /usr/bin/go
-RUN go version
-#
-# Because Go doesn't just go...
-RUN go env -w GOFLAGS=-mod=mod
-#
-# Install Jenkins Plugins
-RUN jenkins-plugin-cli --plugin-file /usr/share/jenkins/ref/plugins.txt
-#
-# Copy over Havoc TeamServer files for local Build
-COPY . Build/
-RUN chmod -R 777 Build/
-#
-USER jenkins
-#
-#

RELEASE.md

@@ -57,3 +57,15 @@ Commit: https://github.com/HavocFramework/Havoc/commit/133f6ead8085147dc39beb368
 - refactor TS logs
 
 Commits/PR: https://github.com/HavocFramework/Havoc/pull/310
+
+### Version `0.6` | `Hierophant Green`
+
+- refactored/rewritten indirect syscalls (no more RX/RWX stubs)
+- proxy library loading
+- random order module & function resolving.
+- x86 demon implants.
+- cross process arch injection
+- AMSI/ETW patching using Hardware breakpoints
+- overall agent refactoring and bug fixes
+
+Push: https://github.com/HavocFramework/Havoc/pull/371

ROADMAP.md

@@ -1,18 +0,0 @@
-# Havoc Framework Roadmap
-
-- Lateral Movement commands.
-  - wmiexec
-- Switch between injection techniques via config module (example: `config inject.technique 0`). There is already code for it just gotta make it switchable rn. 
-- Add all demon commands to the Havoc client python api.
-- Protocol to add:
-  - DNS
-  - TCP (direct/pivot)
-  - Wireguard
-- Add some privilege escalation techniques.
-- Add UI plugin system (expose the QT library to the python interpreter. maybe write a small wrapper that handles pointers etc. like IDA does it)
-- Encrypt config in implant (AES or RC4? not sure)
-- add RSA for AES key exchange to avoid exposing the AES key on init request. adding extra communication security.
-- rewrite client backend. for now its single threaded which is not ideal. split it into 3 threads which handles different jobs. [reference](https://twitter.com/C5pider/status/1650926729299460096)
-- instead of hardcoding the loaded module scripts into the client load scripts from a config file (json). 
-
-I have planned to add more features. if you have any feature requests let me know in my discord server (link in the readme.md) or in my twitter dms.

plugins.txt

@@ -1,67 +0,0 @@
-ace-editor 
-apache-httpcomponents-client-4-api 
-bouncycastle-api 
-branch-api 
-caffeine-api 
-cloudbees-folder 
-command-launcher 
-credentials 
-credentials-binding 
-display-url-api 
-durable-task 
-git 
-git-client 
-github 
-github-api 
-github-branch-source 
-handlebars 
-instance-identity 
-jackson2-api 
-jakarta-activation-api 
-jakarta-mail-api 
-javax-activation-api 
-javax-mail-api 
-jaxb 
-jdk-tool 
-jjwt-api 
-jsch 
-mailer 
-mina-sshd-api-common 
-mina-sshd-api-core 
-momentjs 
-okhttp-api 
-pipeline-build-step 
-pipeline-github 
-pipeline-githubnotify-step 
-pipeline-graph-analysis 
-pipeline-groovy-lib 
-pipeline-input-step 
-pipeline-milestone-step 
-pipeline-model-api 
-pipeline-model-definition 
-pipeline-model-extensions 
-pipeline-rest-api 
-pipeline-stage-step 
-pipeline-stage-tags-metadata 
-pipeline-stage-view 
-pipeline-timeline 
-plain-credentials 
-scm-api 
-script-security 
-snakeyaml-api 
-ssh-credentials 
-sshd 
-structs 
-token-macro 
-trilead-api 
-variant 
-workflow-aggregator 
-workflow-api 
-workflow-basic-steps 
-workflow-cps 
-workflow-durable-task-step 
-workflow-job 
-workflow-multibranch 
-workflow-scm-step 
-workflow-step-api 
-workflow-support

profiles/http_smb.yaotl

@@ -21,35 +21,42 @@ Operators {
 
 Listeners {
     Http {
-        Name         = "Agent Listener - HTTP/s"
+        Name         = "teams profile - http"
         Hosts        = [
-            "192.168.0.148", # our callback host.
+            "5pider.net", # our callback host.
         ]
-        HostBind     = "192.168.0.148" # the address where the listener should bind to. 
+        HostBind     = "0.0.0.0" # the address where the listener should bind to. 
         HostRotation = "round-robin"
         PortBind     = 443
         PortConn     = 443
-        Secure       = true
+        Secure       = false # for now disabled so we can see the traffic content. (but alaways enabled this!!!)
         KillDate     = "2024-01-02 12:00:00"
         UserAgent    = "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.110 Safari/537.36"
 
         Uris = [
-            "/funny_cat.gif",
-            "/index.php",
-            "/test.txt",
-            "/helloworld.js"
+            "/Collector/2.0/settings/"
         ]
 
         Headers = [
-            "Content-type: text/plain",
-            "X-Havoc: true",
-            "X-Havoc-Agent: Demon",
+            "Accept: json",
+            "Referer: https://teams.microsoft.com/_",
+            "x-ms-session-id: f73c3186-057a-d996-3b63-b6e5de6ef20c",
+            "x-ms-client-type: desktop",
+            "x-mx-client-version: 27/1.0.0.2021020410",
+            "Accept-Encoding: gzip, deflate, br",
+            "Origin: https://teams.microsoft.com"
         ]
 
         Response {
             Headers = [
-                "Content-type: text/plain",
-                "X-IsHavocFramework: true",
+                "Content-Type: application/json; charset=utf-8",
+                "Server: Microsoft-HTTPAPI/2.0",
+                "X-Content-Type-Options: nosniff",
+                "x-ms-environment: North Europe-prod-3,_cnsVMSS-6_26",
+                "x-ms-latency: 40018.2038",
+                "Access-Control-Allow-Origin: https://teams.microsoft.com",
+                "Access-Control-Allow-Credentials: true",
+                "Connection: keep-alive"
             ]
         }