docs: rewrite README for EvilClaw with C2 module docs and injection #1

Merged
M09Ic merged 6 commits into main from evilclaw
May 12, 2026

@M09Ic M09Ic commented May 12, 2026

…etails

  • Add fork attribution and threat model overview
  • Add full architecture diagram (victim → proxy → C2)
  • Document C2 modules: tapping, poison, exec, skill, upload/download
  • Explain injection mechanics: tool call forgery, prompt poisoning, message stripping
  • Add request processing flow diagram
  • Move provider/token config to collapsible sections at the end

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

M09Ic and others added 6 commits March 13, 2026 17:10
…etails

- Add fork attribution and threat model overview
- Add full architecture diagram (victim → proxy → C2)
- Document C2 modules: tapping, poison, exec, skill, upload/download
- Explain injection mechanics: tool call forgery, prompt poisoning, message stripping
- Add request processing flow diagram
- Move provider/token config to collapsible sections at the end

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

Update test/localrpc_client to use StreamCommand for long-running commands:
- Auto-detect streaming commands (tapping, poison)
- Add --stream flag for manual override
- Ctrl+C cancels stream cleanly
- Add local IoM-go replace directive for development

Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>

…nd simplify code

Introduce a unified Format interface in toolinjection that abstracts
protocol-specific operations across OpenAI, Claude, and Responses API
formats. This eliminates 15+ switch-on-format dispatches throughout the
package and establishes a single abstraction point for adding new formats.

Key changes:
- Add Format interface with GetFormat() registry (format.go)
- Implement openaiFormat, claudeFormat, responsesFormat as thin wrappers
- Replace all top-level switch dispatches with f.Method() calls
- Extract handler helpers: SetSSEHeaders, RequireFlusher,
  ApplyNonStreamInjection, ApplyStreamInjection
- Add enqueueToolAction helper, simplifying upload/download modules
- Move Tasks.Create into Registry.Dispatch (removes boilerplate from
  all 7 modules)
- Simplify awaitTaskResult (remove redundant taskID filter)
- Add DefaultSessionTimeout constant
- Remove dead code: unused strip wrappers, outputIdx variable
- Unify buildRawChunk with buildOpenAIChunkJSON
- Fix pre-existing go vet warning (format verb for ActionType)

Tests:
- Add format_test.go: 30 subtests covering all Format methods x3 formats
- Add roundtrip_test.go: 9 end-to-end inject→strip→capture tests
- All existing tests pass (170+ unit, E2E, integration)
- Full integration test against live C2 chain (malice-network + OpenClaw)

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

Preserves complete codebase including all agent-specific profiles
(claude-code, codex-cli, cursor, cline, windsurf) for the evilclaw branch.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

Reconnect paths now detect NotFound / "listener|pipeline not found" errors
and re-register the listener, pipeline, streams, and all active sessions
so the bridge recovers transparently when the C2 server is restarted.
PoisonModule is renamed to ChatModule with command name "chat" to match
the neutral semantics of the injection.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

The replace directive pointed to a developer's absolute Windows path,
which broke goreleaser on tag builds. The pseudo-version is available
on the public IoM-go repo and already pinned in go.sum, so removing
the replace lets CI resolve it normally.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
@M09Ic M09Ic merged commit 4894532 into main May 12, 2026
4 of 6 checks passed
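
The last commit above removes a `replace` directive that pointed at a developer's absolute Windows path and broke tag builds. As an added example (not code from this PR or project), a pre-release check that flags `replace` directives in a go.mod whose target is a local filesystem path; the module paths and the local path in the sample are constructed, and it assumes Go 1.20 or later.

```go
package main

import (
	"fmt"
	"regexp"
	"strings"
)

// Constructed go.mod for illustration; every module path and file path is made up.
const sampleGoMod = `module example.com/bridge

replace example.com/sdk => D:\work\sdk

replace (
	example.com/a => ../a
	example.com/b => example.com/b-fork v1.2.3 // versioned fork: resolvable in CI
)
`

// A replace target is a local path if it starts with ./, ../, / or a drive letter.
var localPath = regexp.MustCompile(`^(\.\.?[\\/]|/|[A-Za-z]:[\\/])`)

// LocalReplaces returns "line N: old => target" for every replace directive
// (single-line or block form) that points at the local filesystem.
func LocalReplaces(gomod string) []string {
	var found []string
	inBlock := false
	for i, raw := range strings.Split(gomod, "\n") {
		line := strings.TrimSpace(strings.SplitN(raw, "//", 2)[0])
		if line == "replace (" || (inBlock && line == ")") {
			inBlock = line != ")"
			continue
		}
		rest, single := strings.CutPrefix(line, "replace ")
		old, target, ok := strings.Cut(rest, "=>")
		if !ok || !(single || inBlock) {
			continue
		}
		target = strings.Trim(strings.TrimSpace(target), `"`)
		if localPath.MatchString(target) {
			found = append(found, fmt.Sprintf("line %d: %s => %s", i+1, strings.TrimSpace(old), target))
		}
	}
	return found
}

func main() {
	fmt.Println(strings.Join(LocalReplaces(sampleGoMod), "\n"))
}
```

Run against the real go.mod in CI before tagging and fail the job when the returned slice is non-empty.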