Upgraded merlin-agent to v2.4.0

Makefile

@@ -1,11 +1,20 @@
 # !!!MAKE SURE YOUR GOPATH ENVIRONMENT VARIABLE IS SET FIRST!!!
 
 # Merlin Agent DLL
-VERSION=2.2.0-dll
+VERSION=2.3.0-dll
 
 BUILD=$(shell git rev-parse HEAD)
 DIR=bin/v${VERSION}/${BUILD}
 XBUILD=-X "github.com/Ne0nd0g/merlin-agent/v2/core.Build=${BUILD}"
+# http - Include the HTTP client (including HTTP/1.1, HTTP/2, and HTTP/3)
+# http1 - Include the HTTP/1.1 client from Go's standard library
+# http2 - Include the HTTP/2 client
+# http3 - Include the HTTP/3 client
+# smb - Include the peer-to-peer SMB client
+# tcp - Include the peer-to-peer TCP client
+# udp - Include the peer-to-peer UDP client
+# winhttp - Include the Windows HTTP client
+TAGS ?=
 
 # Merlin Agent Variables
 URL ?= https://127.0.0.1:443
@@ -18,6 +27,8 @@ SLEEP ?= 30s
 XSLEEP =-X "main.sleep=$(SLEEP)"
 HOST ?=
 XHOST =-X "main.host=$(HOST)"
+HTTPCLIENT ?= go
+XHTTPCLIENT =-X "main.httpClient=$(HTTPCLIENT)"
 PROTO ?= h2
 XPROTO =-X "main.protocol=$(PROTO)"
 JA3 ?=
@@ -48,7 +59,7 @@ SECURE ?= false
 XSECURE =-X "main.secure=${SECURE}"
 
 # Compile Flags
-LDFLAGS=-ldflags '-s -w ${XSECURE} ${XPARROT} ${XADDR} ${XAUTH} ${XTRANSFORMS} ${XLISTENER} ${XBUILD} ${XPROTO} ${XURL} ${XHOST} ${XPSK} ${XSLEEP} ${XPROXY} $(XUSERAGENT) $(XHEADERS) ${XSKEW} ${XPAD} ${XKILLDATE} ${XRETRY} -buildid='
+LDFLAGS=-ldflags '-s -w ${XSECURE} ${XPARROT} ${XADDR} ${XAUTH} ${XTRANSFORMS} ${XLISTENER} ${XBUILD} ${XPROTO} ${XURL} ${XHOST} ${XHTTPCLIENT} ${XPSK} ${XSLEEP} ${XPROXY} $(XUSERAGENT) $(XHEADERS) ${XSKEW} ${XPAD} ${XKILLDATE} ${XRETRY} -buildid='
 GCFLAGS=-gcflags=all=-trimpath=$(GOPATH)
 ASMFLAGS=-asmflags=all=-trimpath=$(GOPATH)# -asmflags=-trimpath=$(GOPATH)
 PASSWORD=merlin
@@ -66,7 +77,7 @@ SEED=d0d03a0ae4722535a0e1d5d0c8385ce42015511e68d960fadef4b4eaf5942feb
 # Compile Agent - Windows x64 DLL - main() - Console
 default:
 	export GOOS=windows GOARCH=amd64 CC=x86_64-w64-mingw32-gcc CXX=x86_64-w64-mingw32-g++ CGO_ENABLED=1; \
-	go build ${LDFLAGS} ${GCFLAGS} ${ASMFLAGS} -buildmode=c-archive -o ${DIR}/main.a main.go && \
+	go build -tags ${TAGS} -trimpath ${LDFLAGS} ${GCFLAGS} ${ASMFLAGS} -buildmode=c-archive -o ${DIR}/main.a main.go && \
 	cp merlin.c ${DIR} && \
 	x86_64-w64-mingw32-gcc -shared -pthread -o ${DIR}/merlin.dll ${DIR}/merlin.c ${DIR}/main.a -lwinmm -lntdll -lws2_32 && \
 	cp ${DIR}/merlin.dll .
@@ -75,7 +86,7 @@ distro: clean default package
 
 garble:
 	export GOOS=windows GOARCH=amd64 CC=x86_64-w64-mingw32-gcc CXX=x86_64-w64-mingw32-g++ CGO_ENABLED=1; \
-	garble -tiny -literals -seed ${SEED} build ${LDFLAGS} ${GCFLAGS} ${ASMFLAGS} -buildmode=c-archive -o ${DIR}/main.a main.go; \
+	garble -tiny -literals -seed ${SEED} build -tags ${TAGS} -trimpath ${LDFLAGS} ${GCFLAGS} ${ASMFLAGS} -buildmode=c-archive -o ${DIR}/main.a main.go; \
 	cp merlin.c ${DIR}; \
 	x86_64-w64-mingw32-gcc -shared -pthread -o ${DIR}/merlin.dll ${DIR}/merlin.c ${DIR}/main.a -lwinmm -lntdll -lws2_32
 

docs/CHANGELOG.MD

@@ -4,6 +4,31 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/)
 and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.html).
 
+## 2.3.0 - 2024-03-26
+
+### Added
+
+- Added the `HTTPCLIENT` Makefile variable to specify which HTTP client to use
+  - Use `go` for the default Go HTTP client
+  - Use `winhttp` API for HTTP C2
+- Use `go build` tags to control which C2 clients are compiled into the agent. [Build Tags](https://merlin-c2.readthedocs.io/en/latest/agent/custom.html#build-tags)
+  - When ANY build tag is included, the agent will ONLY include that feature and nothing else. For example, if ONLY the http tag is provided, the SMB, TCP, and UDP clients will not be included.
+  - If one of the following build tags is used, then only the C2 profiles provided will be compiled in
+  - `http` - Include all HTTP clients (including HTTP/1.1, HTTP/2, and HTTP/3)
+  - `http1` - Include HTTP/1.1 client
+  - `http2` - Include HTTP/2 client
+  - `http3` - Include HTTP/3 client
+  - `winhttp` - Include Windows `winhttp` API client
+  - `mythic` - Include the Mythic client for the Mythic `http` C2 profile
+  - `smb` - Include SMB client
+  - `tcp` - Include TCP client
+  - `udp` - Include UDP client
+
+### Changed
+
+- Upgraded github.com/Ne0nd0g/merlin-agent/v2 v2.3.0 => v2.4.0
+- Upgraded github.com/google/uuid v1.5.0 => v1.6.0
+
 ## 2.2.0 - 2023-12-26
 
 ### Changed

go.mod

@@ -3,8 +3,8 @@ module github.com/Ne0nd0g/merlin-agent-dll/v2
 go 1.21
 
 require (
-	github.com/Ne0nd0g/merlin-agent/v2 v2.3.0
-	github.com/google/uuid v1.5.0
+	github.com/Ne0nd0g/merlin-agent/v2 v2.4.0
+	github.com/google/uuid v1.6.0
 )
 
 require (
@@ -13,31 +13,31 @@ require (
 	github.com/Ne0nd0g/go-clr v1.0.3 // indirect
 	github.com/Ne0nd0g/merlin-message v1.3.0 // indirect
 	github.com/Ne0nd0g/npipe v1.1.0 // indirect
-	github.com/andybalholm/brotli v1.0.6 // indirect
+	github.com/Ne0nd0g/winhttp v1.0.0 // indirect
+	github.com/andybalholm/brotli v1.1.0 // indirect
 	github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5 // indirect
 	github.com/awgh/rawreader v0.0.0-20200626064944-56820a9c6da4 // indirect
-	github.com/cloudflare/circl v1.3.6 // indirect
+	github.com/cloudflare/circl v1.3.7 // indirect
 	github.com/cretz/gopaque v0.1.0 // indirect
 	github.com/fatih/color v1.16.0 // indirect
-	github.com/go-jose/go-jose/v3 v3.0.1 // indirect
+	github.com/go-jose/go-jose/v3 v3.0.3 // indirect
 	github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 // indirect
-	github.com/google/pprof v0.0.0-20231212022811-ec68065c825e // indirect
-	github.com/klauspost/compress v1.17.4 // indirect
+	github.com/google/pprof v0.0.0-20240320155624-b11c3daa6f07 // indirect
+	github.com/klauspost/compress v1.17.7 // indirect
 	github.com/mattn/go-colorable v0.1.13 // indirect
 	github.com/mattn/go-isatty v0.0.20 // indirect
-	github.com/onsi/ginkgo/v2 v2.13.2 // indirect
+	github.com/onsi/ginkgo/v2 v2.17.1 // indirect
 	github.com/quic-go/qpack v0.4.0 // indirect
-	github.com/quic-go/qtls-go1-20 v0.4.1 // indirect
-	github.com/quic-go/quic-go v0.40.1 // indirect
-	github.com/refraction-networking/utls v1.6.0 // indirect
+	github.com/quic-go/quic-go v0.42.0 // indirect
+	github.com/refraction-networking/utls v1.6.3 // indirect
 	go.dedis.ch/fixbuf v1.0.3 // indirect
 	go.dedis.ch/kyber/v3 v3.1.0 // indirect
 	go.uber.org/mock v0.4.0 // indirect
-	golang.org/x/crypto v0.17.0 // indirect
-	golang.org/x/exp v0.0.0-20231226003508-02704c960a9b // indirect
-	golang.org/x/mod v0.14.0 // indirect
-	golang.org/x/net v0.19.0 // indirect
-	golang.org/x/sys v0.15.0 // indirect
+	golang.org/x/crypto v0.21.0 // indirect
+	golang.org/x/exp v0.0.0-20240325151524-a685a6edb6d8 // indirect
+	golang.org/x/mod v0.16.0 // indirect
+	golang.org/x/net v0.22.0 // indirect
+	golang.org/x/sys v0.18.0 // indirect
 	golang.org/x/text v0.14.0 // indirect
-	golang.org/x/tools v0.16.1 // indirect
+	golang.org/x/tools v0.19.0 // indirect
 )