allow selecting existing files for register_* commands

Author: its-a-feature

Payload_Type/apollo/CHANGELOG.MD

@@ -4,7 +4,13 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
-## [v2.3.6] - 
+## [v2.3.7] - 2025-03-12
+
+### Changed
+
+- Added the ability to select already uploaded files as part of the register_* commands
+
+## [v2.3.6] - 2025-03-12
 
 ### Changed
 

Payload_Type/apollo/apollo/mythic/agent_functions/builder.py

@@ -21,7 +21,7 @@ class Apollo(PayloadType):
     supported_os = [
         SupportedOS.Windows
     ]
-    version = "2.3.6"
+    version = "2.3.7"
     wrapper = False
     wrapped_payloads = ["scarecrow_wrapper", "service_wrapper"]
     note = """

Payload_Type/apollo/apollo/mythic/agent_functions/register_file.py

@@ -12,9 +12,48 @@ def __init__(self, command_line, **kwargs):
                 name="file",
                 cli_name="File", 
                 display_name="File",
-                type=ParameterType.File)
+                type=ParameterType.File,
+                parameter_group_info=[ParameterGroupInfo(
+                    ui_position=1,
+                    required=True,
+                    group_name="Add New File"
+                )]
+            ),
+            CommandParameter(
+                name="existingFile",
+                cli_name="existingFile",
+                display_name="Existing File",
+                type=ParameterType.ChooseOne,
+                dynamic_query_function=self.get_files,
+                parameter_group_info=[ParameterGroupInfo(
+                    ui_position=1,
+                    required=True,
+                    group_name="Use Existing File"
+                )]
+            )
         ]
 
+    async def get_files( self, inputMsg: PTRPCDynamicQueryFunctionMessage ) -> PTRPCDynamicQueryFunctionMessageResponse:
+        fileResponse = PTRPCDynamicQueryFunctionMessageResponse(Success=False)
+        file_resp = await SendMythicRPCFileSearch(
+            MythicRPCFileSearchMessage(
+                CallbackID=inputMsg.Callback,
+                LimitByCallback=False,
+                Filename="",
+            )
+        )
+        if file_resp.Success:
+            file_names = []
+            for f in file_resp.Files:
+                if f.Filename not in file_names:
+                    file_names.append(f.Filename)
+            fileResponse.Success = True
+            fileResponse.Choices = file_names
+            return fileResponse
+        else:
+            fileResponse.Error = file_resp.Error
+            return fileResponse
+
     async def parse_arguments(self):
         if len(self.command_line) == 0:
             raise Exception("No arguments given.")
@@ -39,21 +78,39 @@ async def create_go_tasking(self, taskData: PTTaskMessageAllData) -> PTTaskCreat
             TaskID=taskData.Task.ID,
             Success=True,
         )
-        file_resp = await SendMythicRPCFileSearch(MythicRPCFileSearchMessage(
-            TaskID=taskData.Task.ID,
-            AgentFileID=taskData.args.get_arg("file")
-        ))
-        if file_resp.Success:
-            original_file_name = file_resp.Files[0].Filename
+        if taskData.args.get_parameter_group_name() == "Add New File":
+            file_resp = await SendMythicRPCFileSearch(MythicRPCFileSearchMessage(
+                TaskID=taskData.Task.ID,
+                AgentFileID=taskData.args.get_arg("file")
+            ))
+            if file_resp.Success:
+                original_file_name = file_resp.Files[0].Filename
+            else:
+                raise Exception("Failed to fetch uploaded file from Mythic (ID: {})".format(taskData.args.get_arg("file")))
+            taskData.args.add_arg("file_name", original_file_name, parameter_group_info=[ParameterGroupInfo(
+                group_name="Add New File"
+            )])
+            taskData.args.add_arg("file_id", taskData.args.get_arg("file"), parameter_group_info=[ParameterGroupInfo(
+                group_name="Add New File"
+            )])
+            response.DisplayParams = original_file_name
         else:
-            raise Exception("Failed to fetch uploaded file from Mythic (ID: {})".format(taskData.args.get_arg("file")))
-        
-        taskData.args.add_arg("file_name", original_file_name)
-
-        taskData.args.add_arg("file_id", taskData.args.get_arg("file"))
-        
-        response.DisplayParams = original_file_name
-        
+            file_resp = await SendMythicRPCFileSearch(MythicRPCFileSearchMessage(
+                TaskID=taskData.Task.ID,
+                Filename=taskData.args.get_arg("existingFile"),
+                MaxResults=1,
+            ))
+            if not file_resp.Success:
+                raise Exception("Failed to fetch find file from Mythic (name: {})".format(taskData.args.get_arg("existingFile")))
+            response.DisplayParams = file_resp.Files[0].Filename
+            taskData.args.add_arg("file_name", file_resp.Files[0].Filename, parameter_group_info=[ParameterGroupInfo(
+                group_name="Use Existing File"
+            )])
+            taskData.args.add_arg("file_id", file_resp.Files[0].AgentFileId, parameter_group_info=[ParameterGroupInfo(
+                group_name="Use Existing File"
+            )])
+            taskData.args.remove_arg("existingFile")
+
         return response
 
     async def process_response(self, task: PTTaskMessageAllData, response: any) -> PTTaskProcessResponseMessageResponse:

agent_capabilities.json

@@ -11,6 +11,6 @@
   "architectures": ["x86_64"],
   "c2": ["http", "smb", "tcp", "websocket"],
   "mythic_version": "3.3.1-rc42",
-  "agent_version": "2.3.1",
+  "agent_version": "2.3.7",
   "supported_wrappers": ["service_wrapper", "scarecrow_wrapper"]
 }