Added Integrity level field

docs/CHANGELOG.MD

@@ -4,6 +4,15 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/)
 and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.html).
 
+## 1.3 - 2022-02-11
+
+### Changed
+
+- Added the `Integrity` field to the agents.Agent and messages.SysInfo structures
+- The agent menu `info` command now shows the agent's integrity level
+  - Windows: `2`-Medium, `3`-High, `4`-System
+  - All other OS: `3` - member of sudo group, `4` - running as root
+
 ## 1.2.1 - 2022-01-10
 
 ### Fixed

pkg/agents/agents.go

@@ -62,6 +62,7 @@ type Agent struct {
 	UserName       string
 	UserGUID       string
 	HostName       string
+	Integrity      int
 	Ips            []string
 	Pid            int
 	Process        string
@@ -166,18 +167,9 @@ func (a *Agent) UpdateInfo(info messages.AgentInfo) {
 	}
 
 	if core.Debug {
-		message("debug", "Processing new agent info")
-		message("debug", fmt.Sprintf("Agent Version: %s", info.Version))
-		message("debug", fmt.Sprintf("Agent Build: %s", info.Build))
-		message("debug", fmt.Sprintf("Agent waitTime: %s", info.WaitTime))
-		message("debug", fmt.Sprintf("Agent skew: %d", info.Skew))
-		message("debug", fmt.Sprintf("Agent paddingMax: %d", info.PaddingMax))
-		message("debug", fmt.Sprintf("Agent maxRetry: %d", info.MaxRetry))
-		message("debug", fmt.Sprintf("Agent failedCheckin: %d", info.FailedCheckin))
-		message("debug", fmt.Sprintf("Agent proto: %s", info.Proto))
-		message("debug", fmt.Sprintf("Agent killdate: %s", time.Unix(a.KillDate, 0).UTC().Format(time.RFC3339)))
-		message("debug", fmt.Sprintf("Agent JA3 signature: %s", info.JA3))
+		message("debug", fmt.Sprintf("Processing new agent info:\n%+v", info))
 	}
+
 	a.Log("Processing AgentInfo message:")
 	a.Log(fmt.Sprintf("\tAgent Version: %s ", info.Version))
 	a.Log(fmt.Sprintf("\tAgent Build: %s ", info.Build))
@@ -209,6 +201,7 @@ func (a *Agent) UpdateInfo(info messages.AgentInfo) {
 	a.Platform = info.SysInfo.Platform
 	a.UserName = info.SysInfo.UserName
 	a.UserGUID = info.SysInfo.UserGUID
+	a.Integrity = info.SysInfo.Integrity
 
 	if core.Debug {
 		message("debug", "Leaving agents.UpdateInfo function")

pkg/api/agents/agents.go

@@ -408,6 +408,7 @@ func GetAgentInfo(agentID uuid.UUID) ([][]string, messages.UserMessage) {
 		{"Platform", fmt.Sprintf("%s/%s", a.Platform, a.Architecture)},
 		{"User Name", a.UserName},
 		{"User GUID", a.UserGUID},
+		{"Integrity Level", fmt.Sprintf("%d", a.Integrity)},
 		{"Hostname", a.HostName},
 		{"Process Name", a.Process},
 		{"Process ID", strconv.Itoa(a.Pid)},
@@ -439,7 +440,7 @@ func GetAgentStatus(agentID uuid.UUID) (string, messages.UserMessage) {
 		return status, messages.ErrorMessage(fmt.Sprintf("%s is not a valid agent", agentID))
 	}
 	dur, errDur := time.ParseDuration(agent.WaitTime)
-	if errDur != nil {
+	if errDur != nil && agent.WaitTime != "" {
 		return status, messages.ErrorMessage(fmt.Sprintf("Error converting %s to a time duration: %s", agent.WaitTime, errDur))
 	}
 	if agent.StatusCheckIn.Add(dur).After(time.Now()) {

pkg/messages/messages.go

@@ -74,6 +74,7 @@ type SysInfo struct {
 	Architecture string   `json:"architecture,omitempty"`
 	UserName     string   `json:"username,omitempty"`
 	UserGUID     string   `json:"userguid,omitempty"`
+	Integrity    int      `json:"integrity,omitempty"`
 	HostName     string   `json:"hostname,omitempty"`
 	Process      string   `json:"process,omitempty"`
 	Pid          int      `json:"pid,omitempty"`