Skip to content

Commit

Permalink
v0.1.2
Browse files Browse the repository at this point in the history 
Fixed potential negative values for timestamps in ls
  • Loading branch information
@its-a-feature
its-a-feature committed Feb 27, 2024
1 parent dfc4429 commit 9cbbbb6
Show file tree
Hide file tree
Showing 3 changed files with 18 additions and 6 deletions.
20 changes: 16 additions & 4 deletions Payload_Type/apfell/apfell/agent_code/ls.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -65,8 +65,14 @@ exports.ls = function(task, command, params){
file_add['permissions']['owner'] = attr['NSFileOwnerAccountName'] + "(" + attr['NSFileOwnerAccountID'] + ")";
file_add['permissions']['group'] = attr['NSFileGroupOwnerAccountName'] + "(" + attr['NSFileGroupOwnerAccountID'] + ")";
file_add['permissions']['hidden'] = attr['NSFileExtensionAttribute'] === true;
file_add['permissions']['create_time'] = Math.trunc(time_attr['NSFileCreationDate'].timeIntervalSince1970 * 1000);
file_add['modify_time'] = Math.trunc(time_attr['NSFileModificationDate'].timeIntervalSince1970 * 1000);
file_add['permissions']['create_time'] = Math.floor(Math.trunc(time_attr['NSFileCreationDate'].timeIntervalSince1970 * 1000));
if(file_add['permissions']['create_time'] < 0){
file_add['permissions']['create_time'] = 0;
}
file_add['modify_time'] = Math.floor(Math.trunc(time_attr['NSFileModificationDate'].timeIntervalSince1970 * 1000));
if(file_add['modify_time'] < 0){
file_add['modify_time'] = 0;
}
file_add['access_time'] = 0;
files_data.push(file_add);
}
Expand Down Expand Up @@ -104,7 +110,10 @@ exports.ls = function(task, command, params){
}
output['size'] = attributes['NSFileSize'];
output['access_time'] = 0;
output['modify_time'] = Math.trunc(time_attributes['NSFileModificationDate'].timeIntervalSince1970 * 1000);
output['modify_time'] = Math.floor(Math.trunc(time_attributes['NSFileModificationDate'].timeIntervalSince1970 * 1000));
if(output["modify_time"] < 0){
output["modify_time"] = 0;
}
if(attributes['NSFileExtendedAttributes'] !== undefined){
let extended = {};
let perms = attributes['NSFileExtendedAttributes'].js;
Expand All @@ -115,7 +124,10 @@ exports.ls = function(task, command, params){
}else{
output['permissions'] = {};
}
output['permissions']['create_time'] = Math.trunc(time_attributes['NSFileCreationDate'].timeIntervalSince1970 * 1000);
output['permissions']['create_time'] = Math.floor(Math.trunc(time_attributes['NSFileCreationDate'].timeIntervalSince1970 * 1000));
if(output['permissions']['create_time'] < 0){
output['permissions']['create_time'] = 0;
}
output['permissions']['posix'] =((nsposix >> 6) & 0x7).toString() + ((nsposix >> 3) & 0x7).toString() + (nsposix & 0x7).toString();
output['permissions']['owner'] = attributes['NSFileOwnerAccountName'] + "(" + attributes['NSFileOwnerAccountID'] + ")";
output['permissions']['group'] = attributes['NSFileGroupOwnerAccountName'] + "(" + attributes['NSFileGroupOwnerAccountID'] + ")";
Expand Down
2 changes: 1 addition & 1 deletion Payload_Type/apfell/apfell/agent_functions/builder.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@ class Apfell(PayloadType):
supported_os = [SupportedOS.MacOS]
wrapper = False
wrapped_payloads = []
note = """This payload uses JavaScript for Automation (JXA) for execution on macOS boxes."""
note = """This payload uses JavaScript for Automation (JXA) for execution on macOS boxes. Version 0.1.2"""
supports_dynamic_loading = True
c2_profiles = ["http", "dynamichttp"]
mythic_encrypts = True
Expand Down
2 changes: 1 addition & 1 deletion agent_capabilities.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,6 @@
"architectures": ["x86_64", "arm_64"],
"c2": ["http", "dynamichttp"],
"mythic_version": "3.2",
"agent_version": "",
"agent_version": "0.1.2",
"supported_wrappers": []
}

0 comments on commit 9cbbbb6

Please sign in to comment.