Conversation
- Updated `c2.proto` logic in Go backend to support `oneof` context field (TaskContext or ShellTaskContext). - Renamed `ReportTaskOutput` to `ReportOutput` in Go backend and Rust agent to reflect generic reporting. - Updated `ImixAgent` and `Eldritch` interpreter in Rust to use `Context` enum for handling task vs shell task execution. - Refactored `api_reverse_shell.go` to use line-of-sight coding for context resolution. - Updated Go tests, including fixing `TestReverseShell_E2E` by adding JWT generation. - Added `ReportFileKind` support to file reporting. Co-authored-by: google-labs-jules[bot] <161369871+google-labs-jules[bot]@users.noreply.github.com> Co-authored-by: KCarretto <16250309+KCarretto@users.noreply.github.com>
Contributor
Summary
Previous Results
Insights
Slowest Tests
🎉 No failed tests in this run. | 🍂 No flaky tests in this run. Github Test Reporter by CTRF 💚 🔄 This comment has been updated |
- Modifies `Portal` ent schema to add optional `shell_task` edge and make `task` edge optional. - Updates `CreatePortal` in `mux` to accept `taskID` and `shellTaskID`, allowing creation from either context. - Updates C2 `CreatePortal` handler to pass `shellTaskID` directly instead of resolving `Task` from `ShellTask`. - Updates tests to verify new functionality. Co-authored-by: google-labs-jules[bot] <161369871+google-labs-jules[bot]@users.noreply.github.com> Co-authored-by: KCarretto <16250309+KCarretto@users.noreply.github.com>
The `CreatePortal` API now requires a valid JWT in the `TaskContext` or `ShellTaskContext`. This commit updates the integration and benchmark tests in `tavern/internal/portals` to: 1. Store the generated `ed25519` private key in `TestEnv`. 2. Use a helper `generateJWT` to sign a valid JWT. 3. Include the JWT in `CreatePortalRequest` calls in `TestPortalIntegration`, `TestPortalClose`, and `BenchmarkPortalThroughput`. This resolves the test failures where the server was rejecting the requests due to missing or invalid JWTs. Co-authored-by: google-labs-jules[bot] <161369871+google-labs-jules[bot]@users.noreply.github.com> Co-authored-by: KCarretto <16250309+KCarretto@users.noreply.github.com>
) The end-to-end test `tests/repl.spec.ts` expects the reverse shell REPL prompt to be `>>> `. However, the `imix` agent was outputting `> `. This change updates `implants/imix/src/shell/repl.rs` to use `>>> ` as the prompt, aligning the agent behavior with the test expectation and standard Python/Eldritch REPL prompts. Co-authored-by: google-labs-jules[bot] <161369871+google-labs-jules[bot]@users.noreply.github.com> Co-authored-by: KCarretto <16250309+KCarretto@users.noreply.github.com>
Cictrone
approved these changes
Feb 23, 2026
hulto
reviewed
Feb 23, 2026
| stream_id, | ||
| seq_id, | ||
| }; | ||
| // Portal execution doesn't have a task context really, or it inherits previous? |
| wantResp: &c2pb.ReportOutputResponse{}, | ||
| wantCode: codes.OK, | ||
| wantOutput: "TestOutput", // Output is additive, previous test ran first? No, tests are independent runs unless I chain them? | ||
| // Tests run in loop. `existingTasks[0]` is modified by previous test case? |
Collaborator
There was a problem hiding this comment.
AI notes to self? I'd clean them up or remove.
| // Set JWT if needed (already set in cases above) | ||
| // But if we wanted to enforce it here: | ||
| if msg, ok := tc.req.Message.(*c2pb.ReportOutputRequest_TaskOutput); ok { | ||
| if msg.TaskOutput.Context == nil { |
| PrivKey ed25519.PrivateKey | ||
| } | ||
|
|
||
| func generateJWT(t testing.TB, privKey ed25519.PrivateKey) string { |
Collaborator
There was a problem hiding this comment.
Can we use the real CreateCA function?
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Makes a number of updates to our gRPC API to better support execution of eldritch from ShellTasks and cleans up some of the naming now that methods may run from regular Tome tasks or a ShellTask.
Screenshots of Misc Testing