v0.10 -> v0.11

Go version has been updated from 1.24.4 to 1.25.4, so a full installation following the guide is required.

Contributed to this update: shashinma, cr0eax, Xre0uS, M1ndo, ArturLukianov, entropy-z

AdaptixC2

New:

• Golang has been updated from version 1.24.4 to 1.25.4. The new version will use the new experimental encoding/json/v2 package and the new experimental greenteagc garbage collector.

• Synchronization of extension package versions and the framework itself is now controlled by a single go work statement.

• The synchronization mechanism has been optimized. The entire client interface is now blocked during synchronization.

• The GenerateUI function in axscript now also returns the ui_height and ui_width properties, which adjust the window for creating listeners or agents.

• Client UI: Add dynamic title bar styling based on theme (by shashinma)

• Added building server and extenders in docker compose (by shashinma)

Fix:

• Fixed errors with interrupted upload and synchronization of large files.

• Fixed an issue where the sync progress bar would not appear when reconnecting to the server.

Beacon

New:

• Classes that store this during initialization will get pointer to temporary memory (on stack) because of current construction method. Code changed to use new/delete with overridden operator new/operator delete for each of beacon class. (by cr0eax)

Fix:

• Problem in BeaconFormatPrintf/BeaconPrintf because vsnprintf returns -1 on error which is later used as size leading to crash (by cr0eax)

• Problem in BeaconAddValue and family. It stores Char* as raw pointer inside Map<CHAR*, LPVOID> Values; Changed to store actual key value (by cr0eax)

• Ntdll RtlRandomEx, RtlGetVersion __stdcall for x86 (crash on shifted stack) (by cr0eax)

Gopher

New:

• Golang has been updated from version 1.24.4 to 1.25.4.

Fix:

• Fixed an issue where the agent would not have a delay between reconnections.

• The cat command now has a 10 KB limit.

Extension-Kit

New:

• AD-BOF: Added readlaps BOF (by Xre0uS)

• Postex-BOF: adde SauronEye-BOF (by shashinma)

• AD-BOF (ADCS): Added certi enum BOF

• AD-BOF (ADCS): Added certi req BOF

• Creds-BOF: update cookie-monster BOF (by M1ndo)

• Creds-BOF: Added underlaycopy BOF (by shashinma)

• Injection-BOF: Added inject-32to64 BOF (by Xre0uS)

• LateralMovement-BOF: added jump scshell BOF (by Xre0uS)

• LateralMovement-BOF: added invoke scshell BOF (by Xre0uS)

• Elevation-BOF: Added potato print BOF

Fix:

• MSSQL-BOF: parse flags before positional arguments (by Xre0uS)

• MSSQL-BOF: fixed mssql clr, was missing the DLL bytes and hash (by Xre0uS)

• Kerbeus-BOF: Add kerbeus describe (by Xre0uS)

• In some environments parsed_json is not returning as a standard JS object, causing Error: Property 'hasOwnProperty' of object TypeError: Type error is not a function. Switched to using "property" in parsed_json instead of parsed_json.hasOwnProperty("property") (by Xre0uS)

templates-extender

• Golang has been updated from version 1.24.4 to 1.25.4

New community extenders

• PaperShell (by ArturLukianov) - Simple Powershell agent for Adaptix C2. + HTTP Listener

• Kharon (by entropy-z) - Fully PIC agent that operates without a reflective loader and includes evasion features such as sleep obfuscation, heap obfuscation during sleep, stack spoofing with indirect syscalls, BOF API proxy for spoofed/indirect BOF API executions, and AMSI/ETW bypass. + HTTP/S Listener