rpc

package
v2.1.3 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 23, 2024 License: GPL-3.0 Imports: 48 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func NewPBErrorMessage 

func NewPBErrorMessage(err error) *pb.Message

NewPBErrorMessage creates an RPC client message from an error

func NewPBInfoMessage 

func NewPBInfoMessage(msg string) *pb.Message

NewPBInfoMessage Creates an "info" RPC client message

func NewPBMessageFromMessage 

func NewPBMessageFromMessage(msg *message.Message) *pb.Message

NewPBMessageFromMessage convert a message.Message into a client RPC message

func NewPBNoteMessage 

func NewPBNoteMessage(msg string) *pb.Message

NewPBNoteMessage creates a "note" RPC client message

func NewPBPlainMessage 

func NewPBPlainMessage(msg string) *pb.Message

NewPBPlainMessage creates a "plain" RPC client message

func NewPBSuccessMessage 

func NewPBSuccessMessage(msg string) *pb.Message

NewPBSuccessMessage create a "success" RPC client message

func NewPBWarnMessage 

func NewPBWarnMessage(msg string) *pb.Message

NewPBWarnMessage creates a "warn" RPC client message

Types

type Server 

type Server struct {
	pb.UnimplementedMerlinServer
	// contains filtered or unexported fields
}

Server is the structure used with the RPC service

func (*Server) Any 

func (s *Server) Any(ctx context.Context, in *pb.AgentCMD) (msg *pb.Message, err error)

Any is used to execute arbitrary Agent commands. The first argument is the command to execute, and the remaining arguments are passed to the command in.Arguments[0] = command to execute (e.g., connect, download) in.Arguments[1:] = arguments to pass to the command

func (*Server) CD 

func (s *Server) CD(ctx context.Context, in *pb.AgentCMD) (msg *pb.Message, err error)

CD is used to change the agent's current working directory in.Arguments[0] = the directory path to change to

func (*Server) CMD 

func (s *Server) CMD(ctx context.Context, in *pb.AgentCMD) (msg *pb.Message, err error)

CMD is used to send a command to the agent to run a command or execute a program in.Arguments[0] = "cmd" in.Arguments[1:] = program and arguments to be executed on the host OS of the running agent Used with `cmd` and `shell` commands as well as through "standard" modules

func (*Server) CheckIn 

func (s *Server) CheckIn(ctx context.Context, id *pb.ID) (msg *pb.Message, err error)

CheckIn creates an AgentInfo job that forces the Agent to send data back to the server

func (*Server) ClearJobs 

func (s *Server) ClearJobs(ctx context.Context, id *pb.ID) (msg *pb.Message, err error)

ClearJobs removes any jobs the queue for a specific Agent that have been created, but NOT sent to the agent

func (*Server) ClearJobsCreated 

func (s *Server) ClearJobsCreated(ctx context.Context, e *emptypb.Empty) (msg *pb.Message, err error)

ClearJobsCreated clears all created (but unsent) jobs for all agents

func (*Server) Connect 

func (s *Server) Connect(ctx context.Context, in *pb.AgentCMD) (msg *pb.Message, err error)

Connect instructs an Agent to disconnect from its current server and connect to the new provided target in.Arguments[0] = the target address or URI to connect to

func (*Server) CreateListener 

func (s *Server) CreateListener(ctx context.Context, in *pb.Options) (msg *pb.Message, err error)

CreateListener instantiates a new Listener on the RPC server

func (*Server) Download 

func (s *Server) Download(ctx context.Context, in *pb.AgentCMD) (msg *pb.Message, err error)

Download is used to download the file through the corresponding agent from the provided input file path in.Arguments[0] = the file path to download

func (*Server) ENV 

func (s *Server) ENV(ctx context.Context, in *pb.AgentCMD) (msg *pb.Message, err error)

ENV is used to view or modify a host's environment variables in.Arguments[0] = the action to take (e.g., get, set, showall, unset) in.Arguments[1] = the name of the environment variable to modify in.Arguments[2] = the value to set the environment variable to

func (*Server) ExecuteAssembly 

func (s *Server) ExecuteAssembly(ctx context.Context, in *pb.AgentCMD) (msg *pb.Message, err error)

ExecuteAssembly calls the donut module to create shellcode from a .NET 4.0 assembly and then uses the CreateProcess module to create a job that executes the shellcode in a remote process in.Arguments[0] .NET assembly File bytes as Base64 string in.Arguments[1] .NET assembly arguments in.Arguments[2] SpawnTo path in.Arguments[3] SpawnTo arguments

func (*Server) ExecutePE 

func (s *Server) ExecutePE(ctx context.Context, in *pb.AgentCMD) (msg *pb.Message, err error)

ExecutePE calls the donut module to create shellcode from PE and then uses the CreateProcess module to create a job that executes the shellcode in a remote process in.Arguments[0] PE file bytes as Base64 string in.Arguments[1] PE arguments in.Arguments[2] SpawnTo path in.Arguments[3] SpawnTo arguments

func (*Server) ExecuteShellcode 

func (s *Server) ExecuteShellcode(ctx context.Context, in *pb.AgentCMD) (msg *pb.Message, err error)

ExecuteShellcode calls the corresponding shellcode module to create a job that executes the provided shellcode in.Arguments[0] shellcode bytes as Base64 string in.Arguments[1] shellcode execution method (e.g., self|remote|RtlCreateUserThread|UserAPC) in.Arguments[2] PID to inject shellcode into (not used with the "self" method)

func (*Server) Exit 

func (s *Server) Exit(ctx context.Context, id *pb.ID) (msg *pb.Message, err error)

Exit instructs the agent to quit running

func (*Server) GetAgent 

func (s *Server) GetAgent(ctx context.Context, id *pb.ID) (agentInfo *pb.AgentInfo, err error)

GetAgent returns Agent configuration information for the provided id

func (*Server) GetAgentActiveJobs 

func (s *Server) GetAgentActiveJobs(ctx context.Context, id *pb.ID) (*pb.Jobs, error)

GetAgentActiveJobs returns all jobs that have not completed for the specified Agent 

func (s *Server) GetAgentLinks(ctx context.Context, id *pb.ID) (*pb.Slice, error)

GetAgentLinks returns a list of linked child Agent IDs

func (*Server) GetAgentRows 

func (s *Server) GetAgentRows(ctx context.Context, e *emptypb.Empty) (*pb.TableData, error)

GetAgentRows returns certain pieces of information for all Agents that can later be displayed in a table on the client

func (*Server) GetAgentStatus 

func (s *Server) GetAgentStatus(ctx context.Context, id *pb.ID) (msg *pb.Message, err error)

GetAgentStatus returns the status of an Agent (e.g., alive, dead, or delayed)

func (*Server) GetAgents 

func (s *Server) GetAgents(ctx context.Context, e *emptypb.Empty) (*pb.Slice, error)

GetAgents returns a list of existing Agent UUID values

func (*Server) GetAllActiveJobs 

func (s *Server) GetAllActiveJobs(ctx context.Context, e *emptypb.Empty) (*pb.Jobs, error)

GetAllActiveJobs returns all Agent jobs that have not completed

func (*Server) GetAllJobs 

func (s *Server) GetAllJobs(ctx context.Context, e *emptypb.Empty) (*pb.Jobs, error)

GetAllJobs returns all Agent jobs from the server

func (*Server) GetListenerDefaultOptions 

func (s *Server) GetListenerDefaultOptions(ctx context.Context, in *pb.String) (options *pb.Options, err error)

GetListenerDefaultOptions returns all the available options for a listener type, not for a previously instantiated listener

func (*Server) GetListenerIDs 

func (s *Server) GetListenerIDs(ctx context.Context, e *emptypb.Empty) (*pb.Slice, error)

GetListenerIDs returns a list of all the previously instantiated listeners on the RPC server

func (*Server) GetListenerOptions 

func (s *Server) GetListenerOptions(ctx context.Context, id *pb.ID) (options *pb.Options, err error)

GetListenerOptions returns a previously instantiated listener's options

func (*Server) GetListenerStatus 

func (s *Server) GetListenerStatus(ctx context.Context, id *pb.ID) (msg *pb.Message, err error)

GetListenerStatus returns the status of a previously instantiated listener

func (*Server) GetListenerTypes 

func (s *Server) GetListenerTypes(ctx context.Context, e *emptypb.Empty) (*pb.Slice, error)

GetListenerTypes returns a list of all available Listener types (e.g. http, tcp, etc.)

func (*Server) GetListeners 

func (s *Server) GetListeners(ctx context.Context, e *emptypb.Empty) (table *pb.TableData, err error)

GetListeners returns a list of all instantiated Listeners

func (*Server) GetModule 

func (s *Server) GetModule(ctx context.Context, in *pb.String) (data *pb.Module, err error)

GetModule returns all the information needed to instantiate a module object on the RPC client from the RPC server

func (*Server) GetModuleList 

func (s *Server) GetModuleList(ctx context.Context, e *emptypb.Empty) (data *pb.Slice, err error)

GetModuleList returns a list of all modules from the RPC server

func (*Server) GroupAdd 

func (s *Server) GroupAdd(ctx context.Context, in *pb.Group) (msg *pb.Message, err error)

GroupAdd adds an Agent to the provided group

func (*Server) GroupList 

func (s *Server) GroupList(ctx context.Context, id *pb.ID) (*pb.Slice, error)

GroupList lists Agents that are part of a specific group id.Id contains the group name as a string

func (*Server) GroupListAll 

func (s *Server) GroupListAll(ctx context.Context, e *emptypb.Empty) (*pb.GroupMembers, error)

GroupListAll returns all existing Agent groups and their members

func (*Server) GroupRemove 

func (s *Server) GroupRemove(ctx context.Context, in *pb.Group) (msg *pb.Message, err error)

GroupRemove removes an Agent from an Agent group

func (*Server) Groups 

func (s *Server) Groups(ctx context.Context, e *emptypb.Empty) (*pb.Slice, error)

Groups return a list of all Agent groups on the RPC server

func (*Server) IFConfig 

func (s *Server) IFConfig(ctx context.Context, id *pb.ID) (msg *pb.Message, err error)

func (*Server) InvokeAssembly 

func (s *Server) InvokeAssembly(ctx context.Context, in *pb.AgentCMD) (msg *pb.Message, err error)

InvokeAssembly executes an assembly that was previously loaded with the load-assembly command in.Arguments[0] = the assembly name in.Arguments[1:] = arguments to pass to the assembly

func (*Server) JA3 

func (s *Server) JA3(ctx context.Context, in *pb.AgentCMD) (msg *pb.Message, err error)

JA3 is used to change the Agent's JA3 signature in.Arguments[0] = the JA3 string to change to the TLS client to

func (*Server) KillDate 

func (s *Server) KillDate(ctx context.Context, in *pb.AgentCMD) (msg *pb.Message, err error)

KillDate configures the date and time that the agent will stop running in.Arguments[0] = Unix epoch date and time the Agent should stop running

func (*Server) KillProcess 

func (s *Server) KillProcess(ctx context.Context, in *pb.AgentCMD) (msg *pb.Message, err error)

KillProcess tasks an agent to kill a process by its number identifier in.Arguments[0] = the process ID to kill

func (*Server) LS 

func (s *Server) LS(ctx context.Context, in *pb.AgentCMD) (msg *pb.Message, err error)

LS uses native Go to list the directory contents of the provided path in.Arguments[0] = the directory path to list

func (*Server) LinkAgent 

func (s *Server) LinkAgent(ctx context.Context, in *pb.AgentCMD) (msg *pb.Message, err error)

LinkAgent tasks a parent agent to connect to and link a child agent in.Arguments[0] = the link method (e.g., add|list|remove|refresh|tcp|udp|smb) in.Arguments[1] = method arguments

func (*Server) ListAssemblies 

func (s *Server) ListAssemblies(ctx context.Context, id *pb.ID) (msg *pb.Message, err error)

ListAssemblies instructs the agent to list the .NET assemblies that are currently loaded into the agent's process .NET assemblies are loaded with the LoadAssembly call

func (*Server) Listen 

func (s *Server) Listen(in *pb.ID, stream pb.Merlin_ListenServer) error

Listen provides a stream of messages for a CLI client

func (*Server) ListenForClientMessages 

func (s *Server) ListenForClientMessages()

ListenForClientMessages is an infinite routine listening for RPC client messages from the server to send to the client

func (*Server) Listener 

func (s *Server) Listener(ctx context.Context, in *pb.AgentCMD) (msg *pb.Message, err error)

Listener interacts with Agent listeners used for peer-to-peer communications in.Arguments[0] = the listener method (e.g., list|start|stop) in.Arguments[1] = method arguments

func (*Server) LoadAssembly 

func (s *Server) LoadAssembly(ctx context.Context, in *pb.AgentCMD) (msg *pb.Message, err error)

LoadAssembly instructs the agent to load a .NET assembly into the agent's process in.Arguments[0] = a Base64 encoded string of the assembly bytes in.Arguments[1] = the assembly name in.Arguments[2] = calculated SHA256 hash of the assembly

func (*Server) LoadCLR 

func (s *Server) LoadCLR(ctx context.Context, in *pb.AgentCMD) (msg *pb.Message, err error)

LoadCLR loads the .NET Common Language Runtime (CLR) into the agent's process. .NET assemblies can subsequently be loaded with the LoadAssembly call and executed with the InvokeAssembly call in.Arguments[0] = the .NET CLR version to load (e.g., v2.0.50727, v4.0.30319, or v4.0)

func (*Server) MEMFD 

func (s *Server) MEMFD(ctx context.Context, in *pb.AgentCMD) (msg *pb.Message, err error)

MEMFD run a linux executable "from memory" in.Arguments[0] = the executable as a base64 encoded string in.Arguments[1:] = arguments to pass to the executable

func (*Server) MaxRetry 

func (s *Server) MaxRetry(ctx context.Context, in *pb.AgentCMD) (msg *pb.Message, err error)

MaxRetry configures the amount of times an Agent will try to check in before it quits

func (*Server) Memory 

func (s *Server) Memory(ctx context.Context, in *pb.AgentCMD) (msg *pb.Message, err error)

Memory interacts with virtual memory on the operating system where the agent is running in.Arguments[0] = the memory method (e.g., read|write|patch) in.Arguments[1:] = method arguments

func (*Server) Netstat 

func (s *Server) Netstat(ctx context.Context, in *pb.AgentCMD) (msg *pb.Message, err error)

Netstat is used to print network connections on the target system in.Arguments[0] = -p OPTIONAL in.Arguments[1] = the protocol to filter on (e.g., tcp or udp) OPTIONAL

func (*Server) Note 

func (s *Server) Note(ctx context.Context, in *pb.AgentCMD) (msg *pb.Message, err error)

Note sets a note on the Agent's Note field args[0:] = the note to set

func (*Server) Nslookup 

func (s *Server) Nslookup(ctx context.Context, in *pb.AgentCMD) (msg *pb.Message, err error)

Nslookup instructs the agent to perform a DNS query on the input in.Arguments[0: ] = the host name or IP address to query

func (*Server) PS 

func (s *Server) PS(ctx context.Context, id *pb.ID) (msg *pb.Message, err error)

PS displays running processes

func (*Server) PWD 

func (s *Server) PWD(ctx context.Context, id *pb.ID) (msg *pb.Message, err error)

PWD is used to print the Agent's current working directory

func (*Server) Padding 

func (s *Server) Padding(ctx context.Context, in *pb.AgentCMD) (msg *pb.Message, err error)

Padding configures the maximum size for the random amount of padding added to each message in.Arguments[0] = the maximum size of the padding

func (*Server) Parrot 

func (s *Server) Parrot(ctx context.Context, in *pb.AgentCMD) (msg *pb.Message, err error)

Parrot configures the Agent's HTTP connection to mimic a specific browser in.Arguments[0] = the browser to mimic (e.g., HelloChrome_Auto)

func (*Server) Pipes 

func (s *Server) Pipes(ctx context.Context, id *pb.ID) (msg *pb.Message, err error)

Pipes enumerates and displays named pipes on Windows hosts only

func (*Server) RM 

func (s *Server) RM(ctx context.Context, in *pb.AgentCMD) (msg *pb.Message, err error)

RM removes or deletes a file in.Arguments[0] = the file path to remove

func (*Server) Reconnect 

func (s *Server) Reconnect(ctx context.Context, id *pb.ID) (*pb.ID, error)

Reconnect is used by RPC client's to re-establish a connection to the RPC server

func (*Server) Register 

func (s *Server) Register(ctx context.Context, e *emptypb.Empty) (*pb.ID, error)

Register is used by CLI clients to register with the RPC server

func (*Server) Remove 

func (s *Server) Remove(ctx context.Context, id *pb.ID) (msg *pb.Message, err error)

Remove deletes the agent from the server

func (*Server) RemoveListener 

func (s *Server) RemoveListener(ctx context.Context, id *pb.ID) (msg *pb.Message, err error)

RemoveListener deletes an instantiated Listener on the RPC server

func (*Server) RestartListener 

func (s *Server) RestartListener(ctx context.Context, id *pb.ID) (msg *pb.Message, err error)

RestartListener restarts a listener on the RPC server

func (*Server) RunAs 

func (s *Server) RunAs(ctx context.Context, in *pb.AgentCMD) (msg *pb.Message, err error)

RunAs creates a new process as the provided user in.Arguments[0] = the domain\username to run the program as in.Arguments[1] = the password for the provided user in.Arguments[2] = the program to run in.Arguments[3:] = the arguments to pass to the program

func (*Server) RunModule 

func (s *Server) RunModule(ctx context.Context, m *pb.ModuleRun) (msgs *pb.Messages, err error)

RunModule executes the provided module

func (*Server) SSH 

func (s *Server) SSH(ctx context.Context, in *pb.AgentCMD) (msg *pb.Message, err error)

SSH executes a command on a remote host through the SSH protocol and returns the output in.Arguments[0] = SSH username in.Arguments[1] = SSH password in.Arguments[2] = the SSH host:port in.Arguments[3] = the program to execute in.Arguments[4] = program arguments (optional)

func (*Server) SecureDelete 

func (s *Server) SecureDelete(ctx context.Context, in *pb.AgentCMD) (msg *pb.Message, err error)

SecureDelete securely deletes supplied file in.Arguments[0] = the file path to securely delete

func (*Server) Servers 

func (s *Server) Servers(ctx context.Context, e *emptypb.Empty) (*pb.Slice, error)

Servers return a list of supported listener types

func (*Server) SetListenerOption 

func (s *Server) SetListenerOption(ctx context.Context, in *pb.AgentCMD) (msg *pb.Message, err error)

SetListenerOption modifies a configurable listener option on the RPC server

func (*Server) SharpGen 

func (s *Server) SharpGen(ctx context.Context, in *pb.AgentCMD) (msg *pb.Message, err error)

SharpGen generates a .NET core assembly, converts it to shellcode with go-donut, and executes it in the spawnto process in.Arguments[0] = the .NET Core C# code, as a string, to compile in.Arguments[1] = the SpawnTo process to inject the shellcode into in.Arguments[2] = the arguments to pass to the SpawnTo process (optional)

func (*Server) Skew 

func (s *Server) Skew(ctx context.Context, in *pb.AgentCMD) (msg *pb.Message, err error)

Skew configures the amount of skew an Agent uses to randomize checkin times in.Arguments[0] = the amount of skew to use

func (*Server) Sleep 

func (s *Server) Sleep(ctx context.Context, in *pb.AgentCMD) (msg *pb.Message, err error)

Sleep configures the Agent's sleep time between checkins in.Arguments[0] = the amount of time to sleep between checkins

func (*Server) Socks 

func (s *Server) Socks(ctx context.Context, in *pb.AgentCMD) (msg *pb.Message, err error)

Socks creates a TCP listener on the provided port and forwards SOCKS5 traffic to the provided agent in.Arguments[0] = method in.Arguments[1] = interface:port in.Arguments[2] = agent ID

func (*Server) StartListener 

func (s *Server) StartListener(ctx context.Context, id *pb.ID) (msg *pb.Message, err error)

StartListener starts a previously instantiated listener on the RPC server

func (*Server) StopListener 

func (s *Server) StopListener(ctx context.Context, id *pb.ID) (msg *pb.Message, err error)

StopListener stops a previously instantiated listener on the RPC server

func (*Server) Token 

func (s *Server) Token(ctx context.Context, in *pb.AgentCMD) (msg *pb.Message, err error)

Token is used to interact with Windows Access Tokens on the agent args[0] = the token method (e.g., make|privs|rev2self|steal|whoami) args[1:] = method arguments

func (*Server) Touch 

func (s *Server) Touch(ctx context.Context, in *pb.AgentCMD) (msg *pb.Message, err error)

Touch matches the destination file's timestamps with source file in.Arguments[0] = the source file in.Arguments[1] = the destination file

func (*Server) UnlinkAgent 

func (s *Server) UnlinkAgent(ctx context.Context, in *pb.AgentCMD) (msg *pb.Message, err error)

UnlinkAgent instructs the parent Agent to close, or unlink, the connection with the child Agent in.Arguments[0] = the child Agent's UUID

func (*Server) Upload 

func (s *Server) Upload(ctx context.Context, in *pb.AgentCMD) (msg *pb.Message, err error)

Upload transfers a file from the Merlin Server to the Agent in.Arguments[0] = the source file as a base64 encoded string in.Arguments[1] = the destination file path

func (*Server) Uptime 

func (s *Server) Uptime(ctx context.Context, id *pb.ID) (msg *pb.Message, err error)

Uptime retrieves the target host's uptime. Windows only

type Service 

type Service struct {
	// contains filtered or unexported fields
}

Service holds the implementation of the RPC Server structure as a service

func NewRPCService 

func NewRPCService(password string, secure bool, tlsCert, tlsKey, tlsCA string) (*Service, error)

NewRPCService is a factory to instantiate the server-side RPC Service, and it's an embedded Server structure

func (*Service) Run 

func (s *Service) Run(addr string) error

Run is the primary entry point for start and run this RPC service

func (*Service) SendClientMessage 

func (s *Service) SendClientMessage(msg *message.Message)

SendClientMessage sends a message to all connected CLI clients

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.