Open
Conversation
…nnel Remove suo5 TCP tunnel (transport.go) and rewrite Channel to communicate with the bridge DLL through HTTP POST requests with X-Stage headers. The webshell now calls DLL exports directly via function pointers — no TCP port opened on the target. Introduce ChannelIface for testability.
…load - Replace fixed-interval polling with adaptive long-poll (idle/active) - Add HMAC-SHA256 time-based token rotation for secrets >32 chars - Add jitter to poll intervals to avoid request synchronization - Add --dll flag for automatic DLL delivery via X-Stage: load - Accept tcp/empty pipeline types alongside webshell
CLI tool for listing, registering, starting and stopping webshell pipelines directly via the admin RPC, useful for development and debugging without the full client TUI.
- Add dependency jar delivery (e.g., jna.jar) before DLL loading for JSP targets - Add response streaming support with length-prefixed frames and fallback - Replace suo5:// URL scheme with direct HTTP(S) URL - Add structured JSON status response alongside legacy text format - Expand test coverage for new channel features
The webshell bridge functionality is being moved into the listener process as WebShellPipeline, eliminating the need for a separate binary.
Add RawCustomParams field to PipelineParams so that non-built-in pipeline types (e.g. webshell) retain their original JSON params when serialized to/from the database.
Implement WebShellPipeline inside the listener process, replacing the standalone bridge binary. Uses suo5 for full-duplex streaming, supports DLL bootstrap via HTTP staging, TLV framing, and dependency delivery.
Replace bridge-binary-oriented client commands with suo5-backed params. Add --suo5, --token, --dll, --deps flags; store params as JSON in CustomPipeline.Params; remove resolveWebShellListenerHost and bridge hints.
Reflect the move from standalone bridge binary to WebShellPipeline running inside the listener process with suo5 data channel and TLV framing.
… simplify bootstrap - Replace custom writeFrame/readFrame with MaleficParser.WritePacket/ReadPacket, gaining built-in compression and optional Age encryption - Replace body envelope bootstrap protocol with simple HTTP query string (?s=stage) - Remove token/HMAC authentication (delegate to suo5 transport) - Extract PipelineRuntimeErrorHandler to core, deduplicate across all 5 pipelines (tcp, http, bind, rem, webshell) Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.