get_tasking items not bundled for same p2p agent destination when using get_delegate_tasks

[save196]

Description:

When get_delegate_tasks is set to True (this is also the default behavior), tasks intended for delegation that have the same agent as the destination are being issued as separate get_tasking requests. This results in multiple delegate items instead of bundling them into a single request.

Current Behavior:

Tasks to delegate are issued as separate requests:

1. Task 1:

   {
     "action": "get_tasking",
     "tasks": [
       {
         "timestamp": 1759492528,
         "command": "whoami",
         "parameters": "",
         "id": "16c235f8-5770-4e10-a99f-77b4bec758ce",
         "token": 0
       }
     ]
   }

2. Task 2:

   {
     "action": "get_tasking",
     "tasks": [
       {
         "timestamp": 1759492530,
         "command": "ls",
         "parameters": "{\"1\": \".\", \"2\": \"\"}",
         "id": "ba25aa22-9ae5-42b9-9c89-f2f742d1356d",
         "token": 0
       }
     ]
   }

These are converted to separate delegate items with the same destination UUID:

{
  "action": "get_tasking",
  "delegates": [
    {
      "message": "NTY3OTc4OWQtNjY2NS00OGYxLTkyMTMtNzYxMjBmNzQ5NmQ38deki1/pGm9UcdC1lNz5dn7BLUO9hTxfiVALqhsbGZRihWcscrG+3J4SGNrU20hUW/0V43PtUFhIoSKkX/j33ufC8ATs/O4uzSUlmkzrLSUV/jfi0AyowqkIKaeYFz/I",
      "uuid": "5679789d-6665-48f1-9213-76120f7496d7",
      "c2_profile": "tcp"
    },
    {
      "message": "NTY3OTc4OWQtNjY2NS00OGYxLTkyMTMtNzYxMjBmNzQ5NmQ3pNt7md20BZDj+FANUocoVkBiraRxn8ZF5WuoFkgF7RLAkppYiVfwVrSwvp8lTfJ16q0fsJO49A4q4oYHbiotDRzlFTznqBfXbBrIG9P1vJ4eFgBuGW99sfWyjpU13+dJ",
      "uuid": "5679789d-6665-48f1-9213-76120f7496d7",
      "c2_profile": "tcp"
    }
  ],
  "tasks": []
}

Expected Behavior:

Items with the same destination UUID should be bundled into a single get_tasking request to optimize the delegation process.

Steps to Reproduce:

1. Set get_delegate_tasks to True (or not set it at all as True is the default).
2. Create multiple tasks for a p2p agent before the parent issues a get_tasking.
3. Observe the separate get_tasking requests and delegate items.

Environment:

• Mythic C2 version: v3.3.1-rc94

[its-a-feature]

That's a good point. I think I can relatively easily get those bundled together into a single message

[its-a-feature]

this is updated as of the release today, if you could give that a try and let me know?

[save196]

Thanks!
I managed to test it, now the tasks are properly bundled together.
Though, I noticed that if there are get_tasking items to delegate outside of the tasks array they are still sent as a separate get_tasking message.
I used socks connection for testing and I got one get_tasking response with the socks list and a separate one with the tasks.

Example:
If I issue whoami while a socks connection is open (both things on the same p2p agent of course), I get:

1. {"action": "get_tasking", "tasks": [{...
2. {"action": "get_tasking", "socks": [{...

That are sent to the parent agent as:

{
  "action": "get_tasking",
  "delegates": [
    {
      "message": "OGQxZTM1YzUtMTViZS00NWQwLTk2NzctNDdmOTQzN2I2ZjJj/xIz+kXzfDUJELAzRmKbXhZiWflAwbtDm0bi64X+8hJKIv3WZ8WcfXUzhVr8wL+hkpuCq333VPkd63y8KXmd1T9DnHQNuSanGAjOSd/x3hDozt9zPY7CYtkKn2BU8+1Z",
      "uuid": "8d1e35c5-15be-45d0-9677-47f9437b6f2c",
      "c2_profile": "tcp"
    },
    {
      "message": "OGQxZTM1YzUtMTViZS00NWQwLTk2NzctNDdmOTQzN2I2ZjJj1HkBD2OFb21UZMDz+1zEYlBrbt1a/0AE+Gb0kDmV9zM3kS7Cqy0Qf6LZTweGVk2sGaFyPkODyLhylMLDYeAL0oi7crZOd0fniUxtV4FX5PKIBKOeeAX+1CtbdP290I6J",
      "uuid": "8d1e35c5-15be-45d0-9677-47f9437b6f2c",
      "c2_profile": "tcp"
    }
  ],
  "tasks": []
}

[its-a-feature]

Ah yeah that's a good point. Those are currently checked at two different points in the processing. You'll notice the same thing will happen with rpfwds and interactive tasks as well.

That'll be a little bit more work, but I'll work on it to get all of these things aggregated in as few delegate messages as possible