Artifact Storage #307

terrorbyte · 2025-01-29T02:10:51Z

Part of #189

This is the first pass at adding a basic artifact storage to the framework. Changes are:

Add a SQL table for a really basic artifact set
Add SQL for insertion and initialization
Add exploit.StoreArtifact that will store an artifact in the output flag location and/or in the database

Things needed before undraft:

Add string templatizing from Config function #306 merged to add the ability to templatize output files, so we can normalize all exploit outputs
A pass at whether the SQL tables could be improved, I already know now that the current parts I have in there are insufficient for really detailed data storage but as a "go fast" version this seems okay and solves most our cases in our real exploits.
Another pass at docs. Making it clear that conf.SetStringFlag("output") will change behavior seems good. I honestly considered making this a "reserved" flag somehow and doing something similar to Allow for manual triggering of C2 startup #300 so that "output artifact data" becomes a config toggle explicitly. I think the magic config flag isn't ideal and could be a footgun. Another benefit of doing it Allow for manual triggering of C2 startup #300 style would be that the exploit internals could add to -details if artifact collection is expected.
Are the flags sufficient for information? Or is it unclear what the parameters for storage are?
Testing.
More testing.

First pass at artifact storage

542cbd1

terrorbyte added documentation Improvements or additions to documentation enhancement New feature or request rfc labels Jan 29, 2025

terrorbyte requested a review from j-baines January 29, 2025 02:10

terrorbyte self-assigned this Jan 29, 2025

terrorbyte changed the title ~~First pass at artifact storage~~ Artifact Storage Jan 29, 2025

Provide feedback