Documentation ¶
Index ¶
- Constants
- func CLR(cmd jobs.Command) jobs.Results
- func Connect(network string, args []string) (results jobs.Results)
- func ConnectSMB(host, pipe string) (results jobs.Results)
- func CreateProcess(cmd jobs.Command) jobs.Results
- func Download(transfer jobs.FileTransfer) (result jobs.Results)
- func ExecuteCommand(cmd jobs.Command) jobs.Results
- func ExecuteShellcode(cmd jobs.Shellcode) jobs.Results
- func ExecuteShellcodeCreateProcessWithPipe(string, string, string) (stdout string, stderr string, err error)
- func ExecuteShellcodeQueueUserAPC([]byte, uint32) error
- func ExecuteShellcodeRemote(shellcode []byte, pid uint32) error
- func ExecuteShellcodeRtlCreateUserThread(shellcode []byte, pid uint32) error
- func ExecuteShellcodeSelf(shellcode []byte) error
- func Link(cmd jobs.Command) (results jobs.Results)
- func ListenSMB(pipe string) error
- func ListenTCP(addr string) error
- func ListenUDP(addr string) error
- func Listener(cmd jobs.Command) (results jobs.Results)
- func Memfd(cmd jobs.Command) (result jobs.Results)
- func Memory(jobs.Command) (results jobs.Results)
- func MiniDump(cmd jobs.Command) (jobs.FileTransfer, error)
- func Native(cmd jobs.Command) jobs.Results
- func Netstat(cmd jobs.Command) jobs.Results
- func PS() jobs.Results
- func Pipes() jobs.Results
- func RunAs(cmd jobs.Command) (results jobs.Results)
- func SSH(command jobs.Command) (results jobs.Results)
- func Setup() error
- func TearDown() error
- func Token(cmd jobs.Command) jobs.Results
- func Unlink(cmd jobs.Command) (results jobs.Results)
- func Upload(transfer jobs.FileTransfer) (ft jobs.FileTransfer, err error)
- func Uptime() jobs.Results
Constants ¶
const (
	TCP = 0
	UDP = 1
	SMB = 2
)
const (
	// MaxSizeUDP is the maximum size that a UDP fragment can be, following the moderate school of thought due to 1500 MTU
	// http://ithare.com/udp-from-mog-perspective/
	MaxSizeUDP = 1450
)
Variables ¶
This section is empty.
Functions ¶
func CLR ¶
CLR is the entrypoint for Jobs that are processed to determine which CLR function should be executed
func Connect ¶
Connect establishes a TCP or UDP connection to a tcp-bind or udp-bind peer-to-peer Agent
func ConnectSMB ¶
ConnectSMB establishes an SMB connection over a named pipe to an smb-bind peer-to-peer Agent
func CreateProcess ¶
CreateProcess spawns a child process with anonymous pipes, executes shellcode in it, and returns the output from the executed shellcode
func Download ¶
func Download(transfer jobs.FileTransfer) (result jobs.Results)
Download receives a job from the server to download a file to the host where the Agent is running
func ExecuteCommand ¶
ExecuteCommand runs the provided input program and arguments, returning results in a message base
func ExecuteShellcode ¶
ExecuteShellcode instructs the agent to load and run shellcode according to the input job
func ExecuteShellcodeCreateProcessWithPipe ¶
func ExecuteShellcodeCreateProcessWithPipe(string, string, string) (stdout string, stderr string, err error)
ExecuteShellcodeCreateProcessWithPipe creates a child process, redirects STDOUT/STDERR to an anonymous pipe, injects/executes shellcode, and retrieves output
func ExecuteShellcodeQueueUserAPC ¶
ExecuteShellcodeQueueUserAPC executes provided shellcode in the provided target process using the Windows QueueUserAPC API call
func ExecuteShellcodeRemote ¶
ExecuteShellcodeRemote executes provided shellcode in the provided target process
func ExecuteShellcodeRtlCreateUserThread ¶
ExecuteShellcodeRtlCreateUserThread executes provided shellcode in the provided target process using the Windows RtlCreateUserThread call
func ExecuteShellcodeSelf ¶
ExecuteShellcodeSelf executes provided shellcode in the current process
func Link ¶
Link connects to the provided target over the provided protocol and establishes a peer-to-peer connection with the Agent
func ListenSMB ¶
ListenSMB binds to the provided named pipe and listens for incoming SMB connections
func Listener ¶
Listener binds to the provided interface and port and begins listening for incoming connections from other peer-to-peer agents
func Memfd ¶
Memfd places a Linux executable file in memory, executes it, and returns the results. It uses the Linux memfd_create API call to create an anonymous file.
https://man7.org/linux/man-pages/man2/memfd_create.2.html
http://manpages.ubuntu.com/manpages/bionic/man2/memfd_create.2.html
func MiniDump ¶
func MiniDump(cmd jobs.Command) (jobs.FileTransfer, error)
MiniDump is the top-level function used to receive a job and subsequently execute a Windows memory dump on the target process. The function returns the memory dump as a file upload to the server.
func SSH ¶
SSH executes a command on a remote host using the SSH protocol and does not provide an interactive session
func Setup ¶
func Setup() error
Setup is used to prepare the environment or context for subsequent commands and is specific to each operating system
func TearDown ¶
func TearDown() error
TearDown is the opposite of Setup and removes any environment or context applications
func Token ¶
Token is the entrypoint for Jobs that are processed to determine which Token function should be executed
func Upload ¶
func Upload(transfer jobs.FileTransfer) (ft jobs.FileTransfer, err error)
Upload receives a job from the server to upload a file from the host to the Merlin server
Types ¶
This section is empty.