# 1: Understanding the interface

Before writing the agent and its handler, we need to understand how Havoc handles third party agents. 

### Callback specifications

Since we are handling our own custom agent's callbacks ourselves, there isn't a fixed callback data structure we have to follow. However, there is a fixed set of bytes that must be prepended to each callback that gives Havoc some basic information on how to handle the callback. These bytes are as such:

```
[4 bytes] size - this is the total size (in bytes) of the request (including the 12 byte header)
[4 bytes] magic value - this is the value that is used to identify the custom agent type. It has to be common between all agents of the same type.
[4 bytes] agent ID - this is a 4 byte agent ID. This can be any value, but it should be unique per agent, so randomly generating it during runtime is a good idea.
```

So the structure of a typical callback should be something like this:

<figure><img src="https://3005128937-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F7fGnUKow1kUWdcf20IE0%2Fuploads%2FvXldR5jqeL3l6IgOn1t4%2Fimage.png?alt=media&#x26;token=cb859fa3-f14f-4df3-a1d1-73a8afd057d4" alt=""><figcaption><p>Callback structure</p></figcaption></figure>

### The third party agent system

The way Havoc third party agents work, is that any data sent to a valid C2 listening interface (http/s, external c2 etc.) is checked for its magic value, and forwarded to the appropriate agent handler. For example:

<figure><img src="https://3005128937-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F7fGnUKow1kUWdcf20IE0%2Fuploads%2FW7WIvdEajNZdoQoVM6i3%2FUntitled%20Diagram.jpg?alt=media&#x26;token=b571820b-05e2-421e-847e-475cbc9f0c69" alt=""><figcaption><p>Havoc third party agent system</p></figcaption></figure>

That's pretty much all you need to understand about Havoc's third party agent interface.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://codex-7.gitbook.io/codexs-terminal-window/red-team/red-team-dev/extending-havoc-c2/third-party-agents/1-understanding-the-interface.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.