NimPlant is back for Black Hat season! This release adds a fully-featured Rust implant besides the "classic" Nim version. The Rust implant is written from scratch and is designed to be more conscious about memory management (e.g. configuration parsing), while supporting all the goodies that the Nim version does¹. The release also adds Docker for all your (cross-)compilation or server hosting needs - without the dependency issues!
New features
- Added fully-featured, Rust-based implant 🦀🎉
- Added Dockerfile to allow easy compilation and server portability without dependency issues
- Docker image is published to chvancooten/nimplant by CI/CD
- Added example
docker-compose.ymlthat demonstrates how to use Nginx as reverse proxy
Enhancements
- Replace manual argument parsing with argparse in
nimplant.pyhelper script (939ed19) - Various enhancements to CI/CD pipeline
Bugfixes
- Improve argument parsing and transmission (close #21)
- Fix bug with server exit logic when nimplants are late (74a581f)
- Fix bug where jitter was set incorrectly (ee98e2d)
Other
- Added
strings_test.yarto allow opsec checks on disk and/or in-memory - Added VS Code devcontainer configuration
- Update dependencies for GUI and Python components
Full Changelog: v1.3...v1.4
¹ Sleep masking not yet supported for the Rust implant.