Details
-
New Feature
-
Status: Resolved
-
Major
-
Resolution: Fixed
-
None
-
None
Description
Story: As a minifi user, I want to push files to my agents from a central C2 server, and reference them later in the flow. E.g. pushing a python script, and after ACK, updating the flow with an ExecuteScript to use that python script.
Technical details:
As a security measure, we need a new property for the asset path, which defaults to MINIFI_HOME/asset, and we need to place all assets in that directory.
The functionality is an extension to the UPDATE C2 operation, under a new download-file operand. Example operation:
"requestedOperations": [
{
"identifier": "8678316c-d4fd-493b-9177-454a0d65d7fd",
"operation": "UPDATE",
"operand": "download-asset",
"args": {
"file": "my_script.py",
"url": "/c2/asset/472a0346-4b6b-11ec-9a48-0242ac11000c",
"checksum": "120EA8A25E5D487BF68B5F7096440019",
"forceDownload": "false"
},
"dependencies": []
}
]
The meaning of forceDownload: If a file with the specified name already exists in the asset directory, we overwrite it if forceDownload, otherwise we reply with NO_OPERATION.
If the URL is relative, it's treated as relative to the base path of the heartbeat url. I.e. if the C2 heartbeat goes to http://myc2:1234/c2/heartbeat and url="/asset/my_script.py", then we download http://myc2:1234/asset/my_script.py.
Attachments
Issue Links
- contains
-
-
- Resolved
-
