|
|
||
| ## Agent | ||
|
|
||
| ### agent._terminate_this_process_clowntown (V2-Only) |
Leave this as marked (V2-Only)
Restored (V2-Only) tag.
docs/_docs/user-guide/eldritch.md
Outdated
| > **DANGER**: The **agent._terminate_this_process_clowntown** method terminates the agent process immediately by calling `std::process::exit(0)`. This effectively kills the agent and should be used with extreme caution. This function does not return as the process exits. | ||
|
|
||
| ### agent.get_config (V2-Only) | ||
| ### agent.get_config |
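Review bot: The DANGER note for `agent._terminate_this_process_clowntown` at the top of this hunk says the method calls `std::process::exit(0)` but not what is lost when it does. `std::process::exit` does not run destructors, and exit status 0 looks like a clean shutdown to whatever launched the agent, so the note should say whether output from the running tome is reported before the process exits.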
Leave this as marked (V2-Only)
Restored (V2-Only) tag.
docs/_docs/user-guide/eldritch.md
Outdated
| The **agent.get_config** method returns the current configuration of the agent as a dictionary containing configuration keys and values. This method will error if the configuration cannot be retrieved. | ||
|
|
||
| ### agent.get_transport (V2-Only) | ||
| ### agent.get_transport |
Leave this as marked (V2-Only)
Restored (V2-Only) tag.
docs/_docs/user-guide/eldritch.md
Outdated
| The **agent.get_transport** method returns the name of the currently active transport (e.g., "http", "grpc"). | ||
|
|
||
| ### agent.list_transports (V2-Only) | ||
| ### agent.list_transports |
Leave this as marked (V2-Only)
Restored (V2-Only) tag.
docs/_docs/user-guide/eldritch.md
Outdated
| The **agent.list_transports** method returns a list of available transport names supported by the agent. | ||
|
|
||
| ### agent.get_callback_interval (V2-Only) | ||
| ### agent.get_callback_interval |
Leave this as marked (V2-Only)
Restored (V2-Only) tag.
docs/_docs/user-guide/eldritch.md
Outdated
| @@ -516,9 +541,9 @@ | |||
|
|
|||
| ### file.timestomp | |||
Marked as (V2-Only).
docs/_docs/user-guide/eldritch.md
Outdated
| The **pivot.reverse_shell_pty** method spawns the provided command in a cross-platform PTY and opens a reverse shell over the agent's current transport (e.g. gRPC). If no command is provided, Windows will use `cmd.exe`. On other platforms, `/bin/bash` is used as a default, but if it does not exist then `/bin/sh` is used. | ||
|
|
||
| ### pivot.smb_exec | ||
| ### pivot.reverse_shell_repl |
Marked as (V2-Only).
docs/_docs/user-guide/eldritch.md
Outdated
|
|
||
| The <b>random.bool</b> method returns a randomly sourced boolean value. | ||
|
|
||
| ### random.bytes |
Marked as (V2-Only).
docs/_docs/user-guide/eldritch.md
Outdated
| `random.string(length: uint, charset: Optional<str>) -> str` | ||
| The <b>random.string</b> method returns a randomly generated string of the specified length. If `charset` is not provided defaults to [Alphanumeric](https://docs.rs/rand_distr/latest/rand_distr/struct.Alphanumeric.html). Warning, the string is stored entirely in memory so exceptionally large files (multiple megabytes) can lead to performance issues. | ||
|
|
||
| ### random.uuid |
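Review bot: The `random.string` description does not say whether the generator behind it is cryptographically secure, and the linked `Alphanumeric` item is a character distribution, not a generator. If tomes may use `random.string` for passwords or tokens, state the source of randomness in this paragraph. The warning also says "exceptionally large files" where it means strings, and "If `charset` is not provided defaults to" is missing its subject.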
Marked as (V2-Only).
docs/_docs/user-guide/eldritch.md
Outdated
| On *nix systems disown will run the process in the background disowned from the agent. This is done through double forking. | ||
| On Windows systems disown will run the process with detached stdin and stdout such that it won't block the tomes execution. | ||
| The `env_vars` will be a map of environment variables to be added to the process of the execution. | ||
| The `input` parameter allows you to pass a string to the process's stdin. |
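Review bot: The `input` line at the end of this hunk does not say how it interacts with `disown`. Two lines up, disown on Windows is described as running with detached stdin and stdout, so say whether `input` is still delivered to the process in that case or is ignored, for both Windows and *nix. Also, "the tomes execution" should read "the tome's execution".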
Marked as (V2-Only).
| --- | ||
| # Overview | ||
|
|
||
| 🚨 **DEPRECATION WARNING:** Eldritch v1 will soon be deprecated and replaced with v2 🚨 |
Leave this deprecation warning
Restored the deprecation warning.
| Eldritch is a small interpreter that can be embedded into a c2 agent as it is with Golem and Imix. | ||
| By embedding the interpreter into the agent conditional logic can be quickly evaluated without requiring multiple callbacks. | ||
|
|
||
| Eldritch is currently under active development to help delineate methods in development the description contains the phrase `X method will`. |
Restored the sentence.
docs/_docs/user-guide/eldritch.md
Outdated
| If your dll_bytes array contains a value greater than u8::MAX it will cause the function to fail. If you're doing any decryption in starlark make sure to be careful of the u8::MAX bound for each byte. | ||
|
|
||
| ### sys.exec | ||
| ### sys.exec (V2-Only) |
No, just the input param is v2 only
Updated sys.exec header to remove (V2-Only) and moved the tag to the input parameter description.
| | ------- | ----------- | ------- | -------- | | ||
| | ENABLE_METRICS | Set to any value to enable the "/metrics" endpoint. | Disabled | No | | ||
| | HTTP_METRICS_LISTEN_ADDR | Listen address for the metrics HTTP server, it must be different than the value of `HTTP_LISTEN_ADDR`. | `127.0.0.1:8000` | No | | ||
| | HTTP_METRICS_LISTEN_ADDR | Listen address for the metrics HTTP server, it must be different than the value of `HTTP_LISTEN_ADDR`. | `127.0.0.1:8080` | No | |
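Review bot: Both `HTTP_METRICS_LISTEN_ADDR` rows require the value to differ from `HTTP_LISTEN_ADDR`, but the visible rows do not show that variable's default, so a reader cannot tell whether `127.0.0.1:8000` or `127.0.0.1:8080` collides with it. Name the `HTTP_LISTEN_ADDR` default in the description, and say that the loopback default keeps "/metrics" reachable only from the local host unless the operator changes it.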
Good catch, eventually this should be a diff port.
Tavern is 8000
Redirector is 8080
* Docs: Fix discrepancies in Tavern config and Eldritch DSL
* Docs: Address PR feedback (V2 tags, remove unimplemented methods)
* Docs: Address feedback (restore warnings, refine V2 tags)

---------

Co-authored-by: google-labs-jules[bot] <161369871+google-labs-jules[bot]@users.noreply.github.com>
Co-authored-by: KCarretto <Kcarretto@gmail.com>
I have audited the codebase and updated the documentation to reflect the current implementation of the Eldritch DSL and Tavern configuration.
Discrepancies Found and Fixed:
HTTP_METRICS_LISTEN_ADDR127.0.0.1:8080127.0.0.1:8000file.movemovemovetofile.timestomphttp.get/postDictstrpivot.reverse_shell_replpivot.bind_proxyetcpivot.port_scanfd_limitargsys.execinputargcryptoaes_decrypt,md5, etcrandombytes,uuidtime.sleepintfloat

PR created automatically by Jules for task 9413631596083015394 started by @KCarretto