Aryma
dfb7ea177c fix(builder): improve artifact packaging with optional helper support
Update move_first_existing function to handle optional artifacts gracefully
instead of raising FileNotFoundError. When optional artifacts are missing,
append informative messages to stdout_err instead of failing the build.

Also update agent icons to reference external PNG files instead of embedded
base64 data for better maintainability.
2026-04-15 05:54:00 +07:00
Aryma
0c209d7201 fix(builder): handle multiple possible artifact paths during build
The build process previously assumed artifacts were located in a single directory. However, due to project structure changes, artifacts may now be in different locations. This change adds a helper function to try multiple candidate paths for each artifact, moving the first existing file to the target location. This ensures compatibility across different build configurations.
2026-04-15 05:43:30 +07:00
Aryma
b88b3a2184 build(ares): update version, .gitignore, and project files
- Bump semver to 2.4.12-v5 in builder.py
- Add debug_vps/ to .gitignore
- Remove BOM and unused PowerShell reference from Tasks.csproj
- Add dark and light theme SVG icons for the agent
2026-04-15 05:29:37 +07:00
Aryma
6a3bf4ffbf fix(ares): update logo paths and Docker image version
Update logo references to correct directory and bump Docker image tag to v4.
Fix permissions and improve build steps in Dockerfile.
Adjust .NET build warnings configuration.
Add light and dark mode SVG logos.
2026-04-15 04:56:54 +07:00
14 changed files with 73 additions and 17 deletions

1
.gitignore vendored

@@ -4,6 +4,7 @@ __pycache__/
**/*.dll
# Sphinx documentation
docs/_build/
debug_vps/
# Environments
#.env
.venv


@@ -17,7 +17,11 @@ RUN /venv/bin/python -m pip install git+https://github.com/MEhrn00/donut.git@v2.
COPY [".", "."]
# fetch all dependencies
RUN cd ares/agent_code && dotnet restore --verbosity quiet && rm donut ; cp /donut donut
RUN chmod -R u+w /Mythic/ares/agent_code && \
cd ares/agent_code && \
dotnet restore Ares/Ares.csproj --verbosity quiet && \
rm -f donut && \
cp /donut donut
RUN cd ares/agent_code && cp COFFLoader.dll /COFFLoader.dll
CMD ["bash", "-c", "cp /donut /Mythic/ares/agent_code/donut && /venv/bin/python main.py"]
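Review bot: The new restore step targets only `Ares/Ares.csproj`, where the line it appears to replace ran `dotnet restore` for `ares/agent_code` as a whole, so any project that Ares.csproj does not reference is no longer restored while the image is built. If the helper executables that builder.py packages are separate projects (not visible here), their packages would be resolved at payload-build time instead, which needs network access from the build container and leaves no single point at which dependencies are fixed. I would restore the solution here, or add a comment above the RUN such as `# only Ares.csproj is restored in the image; helper projects restore at payload build time` so the narrowing is clearly intentional.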


@@ -1,4 +1,4 @@
<Project Sdk="Microsoft.NET.Sdk">
<Project Sdk="Microsoft.NET.Sdk">
<PropertyGroup>
<TargetFramework>net451</TargetFramework>
<OutputType>Library</OutputType>
@@ -10,14 +10,14 @@
<Platforms>AnyCPU;x64;x86</Platforms>
</PropertyGroup>
<ItemGroup>
<Reference Include="System.Management.Automation">
<HintPath>..\packages\System.Management.Automation6.1.7\System.Management.Automation.dll</HintPath>
</Reference>
<Reference Include="System.ServiceProcess" />
</ItemGroup>
<ItemGroup>
<ProjectReference Include="..\AresInterop\AresInterop.csproj" />
</ItemGroup>
<ItemGroup>
<Compile Remove="powershell.cs" />
</ItemGroup>
<ItemGroup>
<PackageReference Include="Costura.Fody" Version="5.7.0" PrivateAssets="All" />
<PackageReference Include="Microsoft.CSharp" Version="4.7.0" />
@@ -27,4 +27,4 @@
<PackageReference Include="System.DirectoryServices" Version="4.5.0" />
<PackageReference Include="System.Management" Version="4.5.0" />
</ItemGroup>
</Project>
</Project>


@@ -3,8 +3,10 @@
<TargetFramework>net451</TargetFramework>
<LangVersion>12</LangVersion>
<Nullable>enable</Nullable>
<TreatWarningsAsErrors>false</TreatWarningsAsErrors>
<WarningsAsErrors></WarningsAsErrors>
<WarningsNotAsErrors>$(WarningsNotAsErrors);0108;0168;0169;0219;0649;8600;8602;8603;8618;8625;8629</WarningsNotAsErrors>
<GenerateAssemblyInfo>false</GenerateAssemblyInfo>
<Platforms>AnyCPU;x64;x86</Platforms>
</PropertyGroup>
</Project>
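Review bot: On the new side `<TreatWarningsAsErrors>false</TreatWarningsAsErrors>` and an empty `<WarningsAsErrors>` sit next to a `WarningsNotAsErrors` list, and with the blanket switch off that list no longer has any effect; nothing in the file says which of the three is meant to carry the policy. The listed codes include the nullable diagnostics (8600, 8602, 8603, 8618, 8625, 8629) while `<Nullable>enable</Nullable>` stays on, so possible null dereferences are still reported but can never fail the build of a project that picks up these properties. I would keep only the narrow list, or add a comment above the three properties such as `<!-- warnings never fail the build; WarningsNotAsErrors is kept for when TreatWarningsAsErrors is turned back on -->`.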


@@ -140,7 +140,7 @@ class Ares(PayloadType):
supported_os = [
SupportedOS.Windows
]
semver = "2.4.12"
semver = "2.4.12-v5"
description = "Ares Windows payload type for Mythic."
wrapper = False
wrapped_payloads = ["scarecrow_wrapper", "service_wrapper"]
@@ -648,18 +648,52 @@ NOTE: v2.3.2+ uses a different BOF loader than v2.3.1 and they are not compatibl
StepSuccess=True
))
resp.status = BuildStatus.Success
missing_optional_artifacts = []
def move_first_existing(candidates, target_path, required=False):
for candidate in candidates:
if os.path.exists(candidate):
shutil.move(candidate, target_path)
return True
if required:
raise FileNotFoundError(f"Unable to locate artifact for {target_path}: {candidates}")
missing_optional_artifacts.append((target_path, candidates))
return False
targetExeAsmPath = "/srv/ExecuteAssembly.exe"
targetPowerPickPath = "/srv/PowerShellHost.exe"
targetScreenshotInjectPath = "/srv/ScreenshotInject.exe"
targetKeylogInjectPath = "/srv/KeylogInject.exe"
targetExecutePEPath = "/srv/ExecutePE.exe"
targetInteropPath = "/srv/AresInterop.dll"
shutil.move(f"{agent_build_path.name}/{buildPath}/ExecuteAssembly.exe", targetExeAsmPath)
shutil.move(f"{agent_build_path.name}/{buildPath}/PowerShellHost.exe", targetPowerPickPath)
shutil.move(f"{agent_build_path.name}/{buildPath}/ScreenshotInject.exe", targetScreenshotInjectPath)
shutil.move(f"{agent_build_path.name}/{buildPath}/KeylogInject.exe", targetKeylogInjectPath)
shutil.move(f"{agent_build_path.name}/{buildPath}/ExecutePE.exe", targetExecutePEPath)
shutil.move(f"{agent_build_path.name}/{buildPath}/AresInterop.dll", targetInteropPath)
move_first_existing([
f"{agent_build_path.name}/{buildPath}/ExecuteAssembly.exe",
f"{agent_build_path.name}/ExecuteAssembly/bin/Release/net451/ExecuteAssembly.exe",
], targetExeAsmPath)
move_first_existing([
f"{agent_build_path.name}/{buildPath}/PowerShellHost.exe",
f"{agent_build_path.name}/PowerShellHost/bin/Release/net451/PowerShellHost.exe",
], targetPowerPickPath)
move_first_existing([
f"{agent_build_path.name}/{buildPath}/ScreenshotInject.exe",
f"{agent_build_path.name}/ScreenshotInject/bin/Release/net451/ScreenshotInject.exe",
], targetScreenshotInjectPath)
move_first_existing([
f"{agent_build_path.name}/{buildPath}/KeylogInject.exe",
f"{agent_build_path.name}/KeylogInject/bin/Release/net451/KeylogInject.exe",
], targetKeylogInjectPath)
move_first_existing([
f"{agent_build_path.name}/{buildPath}/ExecutePE.exe",
f"{agent_build_path.name}/ExecutePE/bin/Release/net451/ExecutePE.exe",
], targetExecutePEPath)
move_first_existing([
f"{agent_build_path.name}/{buildPath}/AresInterop.dll",
f"{agent_build_path.name}/AresInterop/bin/Release/net451/AresInterop.dll",
], targetInteropPath)
if missing_optional_artifacts:
stdout_err += "\nOptional helper artifacts were not packaged:\n" + "\n".join(
f"{target}: {candidates}" for target, candidates in missing_optional_artifacts
)
if self.get_parameter('output_type') == "Source":
shutil.make_archive(f"/tmp/{agent_build_path.name}/source", "zip", f"{agent_build_path.name}")
await SendMythicRPCPayloadUpdatebuildStep(MythicRPCPayloadUpdateBuildStepMessage(
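Review bot: None of the six `move_first_existing(...)` calls passes `required`, so every artifact, `AresInterop.dll` included, is treated as optional and the `raise FileNotFoundError` branch can never run; `resp.status = BuildStatus.Success` is already set above, and a missing file only adds text to `stdout_err`. The targets are fixed paths under `/srv/`, so when no candidate exists, whatever an earlier build left at that path stays in place and is presumably what gets used later; nothing in the hunk removes it. I would pass `required=True` for the artifacts the agent cannot work without, e.g. `], targetInteropPath, required=True)`, and clear the target in the not-found path before recording it, `if os.path.exists(target_path): os.remove(target_path)`. A short docstring on the helper saying that it moves the first existing candidate and returns whether one was found would also help. The enclosing build method starts and ends outside the hunk.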

BIN
agent_icons/XF-09_Ares.png Normal file

Binary file not shown.


3
agent_icons/ares.svg Normal file

@@ -0,0 +1,3 @@
<svg xmlns="http://www.w3.org/2000/svg" width="218" height="250" viewBox="0 0 218 250">
<image href="/static/XF-09_Ares.png" width="218" height="250" preserveAspectRatio="xMidYMid meet" />
</svg>
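Review bot: The `<image href="/static/XF-09_Ares.png">` reference makes the icon depend on a second file, and an SVG loaded through an `<img>` element or as a CSS background is not allowed to fetch external resources, so if the Mythic UI shows agent icons that way (not visible here) the icon renders empty. The path is also absolute, so it only resolves where the PNG happens to be served under `/static/`. The two SVG sections that follow carry the same three lines and the same concern. I would either keep the raster embedded as a `data:` URI or ship the PNG itself as the icon, and in either case add a comment at the top of the file saying where `/static/XF-09_Ares.png` is expected to come from.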


@@ -0,0 +1,3 @@
<svg xmlns="http://www.w3.org/2000/svg" width="218" height="250" viewBox="0 0 218 250">
<image href="/static/XF-09_Ares.png" width="218" height="250" preserveAspectRatio="xMidYMid meet" />
</svg>


@@ -0,0 +1,3 @@
<svg xmlns="http://www.w3.org/2000/svg" width="218" height="250" viewBox="0 0 218 250">
<image href="/static/XF-09_Ares.png" width="218" height="250" preserveAspectRatio="xMidYMid meet" />
</svg>


@@ -4,5 +4,5 @@
"exclude_documentation_payload": false,
"exclude_documentation_c2": false,
"exclude_agent_icons": false,
"remote_images": {"ares" :"ghcr.io/aryma-f4/ares-mythic:multiarch-fixed-v3"}
"remote_images": {"ares" :"ghcr.io/aryma-f4/ares-mythic:amd64-fixed-v5"}
}


@@ -4,7 +4,7 @@ chapter = true
weight = 100
+++
![logo](/agents/apollo/XF-09_Ares.png?width=600px)
![logo](/agents/ares/XF-09_Ares.png?width=600px)
## Summary

File diff suppressed because one or more lines are too long


File diff suppressed because one or more lines are too long


@@ -5,7 +5,7 @@ weight = 15
pre = "<b>2. </b>"
+++
![logo](/agents/apollo/XF-09_Ares.png?width=600px)
![logo](/agents/ares/XF-09_Ares.png?width=600px)
## Table of Contents