agents

package
v1.5.0
Warning

This package is not in the latest version of its module.
Published: Jul 20, 2022 License: GPL-3.0 Imports: 17 Imported by: 0

Documentation

Constants

This section is empty.

Variables

This section is empty.

Functions

func CD

func CD(agentID uuid.UUID, Args []string) messages.UserMessage

CD is used to change the agent's current working directory

func CMD

func CMD(agentID uuid.UUID, Args []string) messages.UserMessage

CMD is used to send a command to the agent to run a command or execute a program. Args[0] = "cmd"; Args[1:] = program and arguments to be executed on the host OS of the running agent. Used with `cmd` and `shell` commands as well as through "standard" modules.

func ClearJobs

func ClearJobs(agentID uuid.UUID) messages.UserMessage

ClearJobs removes any jobs from the queue that have been created, but NOT sent to the agent

func ClearJobsCreated added in v1.1.0

func ClearJobsCreated() messages.UserMessage

ClearJobsCreated clears all created (but unsent) jobs for all agents

func Download

func Download(agentID uuid.UUID, Args []string) messages.UserMessage

Download is used to download the file through the corresponding agent from the provided input file path. Args[0] = download; Args[1] = file path to download.

func ENV added in v1.1.0

func ENV(agentID uuid.UUID, Args []string) messages.UserMessage

ENV is used to view or modify a host's environment variables

func ExecuteAssembly

func ExecuteAssembly(agentID uuid.UUID, Args []string) messages.UserMessage

ExecuteAssembly calls the donut module to create shellcode from a .NET 4.0 assembly and then uses the CreateProcess module to create a job that executes the shellcode in a remote process

func ExecutePE

func ExecutePE(agentID uuid.UUID, Args []string) messages.UserMessage

ExecutePE calls the donut module to create shellcode from a PE and then uses the CreateProcess module to create a job that executes the shellcode in a remote process

func ExecuteShellcode

func ExecuteShellcode(agentID uuid.UUID, Args []string) messages.UserMessage

ExecuteShellcode calls the corresponding shellcode module to create a job that executes the provided shellcode. Args[0] = "execute-shellcode"; Args[1] = shellcode execution method [self, remote, rtlcreateuserthread, userapc].

func Exit added in v1.1.0

func Exit(agentID uuid.UUID, Args []string) messages.UserMessage

Exit instructs the agent to quit running

func GetAgentInfo

func GetAgentInfo(agentID uuid.UUID) ([][]string, messages.UserMessage)

GetAgentInfo returns rows of data about an Agent's configuration that can be displayed in a table

func GetAgentStatus

func GetAgentStatus(agentID uuid.UUID) (string, messages.UserMessage)

GetAgentStatus determines if the agent is active, delayed, or dead based on its last checkin time

func GetAgents

func GetAgents() (agentList []uuid.UUID)

GetAgents returns a list of existing Agent UUID values

func GetAgentsRows

func GetAgentsRows() (header []string, rows [][]string)

GetAgentsRows returns a row of data for every agent that includes information about it such as the Agent's GUID, platform, user, host, transport, and status

func GetJobs added in v1.1.0

func GetJobs() [][]string

GetJobs enumerates all created (but unsent) jobs across all agents

func GetJobsForAgent

func GetJobsForAgent(agentID uuid.UUID) ([][]string, messages.UserMessage)

GetJobsForAgent enumerates all jobs and their status

func GroupAdd added in v1.1.0

func GroupAdd(agentID uuid.UUID, groupName string) messages.UserMessage

GroupAdd adds an agent to a server-side grouping

func GroupList added in v1.1.0

func GroupList(groupName string) []string

GroupList lists agents that are part of a specific group

func GroupListAll added in v1.1.0

func GroupListAll() [][]string

GroupListAll returns a table of {groupName, agentID}

func GroupListNames added in v1.1.0

func GroupListNames() []string

GroupListNames returns array of active group names

func GroupRemove added in v1.1.0

func GroupRemove(agentID uuid.UUID, groupName string) messages.UserMessage

GroupRemove removes an agent from a group

func IFConfig added in v1.1.0

func IFConfig(agentID uuid.UUID) messages.UserMessage

IFConfig lists the agent's network adapter information

func InvokeAssembly

func InvokeAssembly(agentID uuid.UUID, Args []string) messages.UserMessage

InvokeAssembly executes an assembly that was previously loaded with the load-assembly command

func JA3 added in v1.1.0

func JA3(agentID uuid.UUID, Args []string) messages.UserMessage

JA3 is used to change the Agent's JA3 signature

func KillDate added in v1.1.0

func KillDate(agentID uuid.UUID, Args []string) messages.UserMessage

KillDate configures the date and time that the agent will stop running

func KillProcess added in v1.1.0

func KillProcess(agentID uuid.UUID, Args []string) messages.UserMessage

KillProcess tasks an agent to kill a process by its numeric identifier

func LS

func LS(agentID uuid.UUID, Args []string) messages.UserMessage

LS uses native Go to list the directory

func ListAssemblies

func ListAssemblies(agentID uuid.UUID) messages.UserMessage

ListAssemblies instructs the agent to list all of the .NET assemblies that are currently loaded into the agent's process. .NET assemblies are loaded with the LoadAssembly call.

func LoadAssembly

func LoadAssembly(agentID uuid.UUID, Args []string) messages.UserMessage

LoadAssembly reads in a .NET assembly and sends it to the agent so it can be loaded into a CLR AppDomain for later execution

func LoadCLR

func LoadCLR(agentID uuid.UUID, Args []string) messages.UserMessage

LoadCLR loads the .NET Common Language Runtime (CLR) into the agent's process. .NET assemblies can subsequently be loaded with the LoadAssembly call and executed with the InvokeAssembly call.

func MEMFD

func MEMFD(agentID uuid.UUID, Args []string) messages.UserMessage

MEMFD runs a Linux executable from memory

func MaxRetry added in v1.1.0

func MaxRetry(agentID uuid.UUID, Args []string) messages.UserMessage

MaxRetry configures the number of times an Agent will try to check in before it quits

func Memory added in v1.4.0

func Memory(agentID uuid.UUID, Args []string) messages.UserMessage

Memory interacts with virtual memory on the operating system where the agent is running

func NSLOOKUP

func NSLOOKUP(agentID uuid.UUID, Args []string) messages.UserMessage

NSLOOKUP instructs the agent to perform a DNS query on the input

func Netstat added in v1.1.0

func Netstat(agentID uuid.UUID, Args []string) messages.UserMessage

Netstat is used to print network connections on the target system. Supports "-p tcp" or "-p udp".

func Note added in v1.1.0

func Note(agentID uuid.UUID, Args []string) messages.UserMessage

Note sets a note on the Agent's Note field

func PS added in v1.1.0

func PS(agentID uuid.UUID) messages.UserMessage

PS displays running processes

func PWD

func PWD(agentID uuid.UUID, Args []string) messages.UserMessage

PWD is used to print the Agent's current working directory

func Padding added in v1.1.0

func Padding(agentID uuid.UUID, Args []string) messages.UserMessage

Padding configures the maximum size for the random amount of padding added to each message

func Pipes added in v1.1.0

func Pipes(agentID uuid.UUID) messages.UserMessage

Pipes enumerates and displays named pipes on Windows hosts only

func RM added in v1.2.0

func RM(agentID uuid.UUID, Args []string) messages.UserMessage

RM removes, or deletes, a file

func Remove

func Remove(agentID uuid.UUID) messages.UserMessage

Remove deletes the agent from the server

func RunAs added in v1.2.0

func RunAs(agentID uuid.UUID, Args []string) messages.UserMessage

RunAs creates a new process as the provided user

func SSH added in v1.2.0

func SSH(agentID uuid.UUID, Args []string) messages.UserMessage

SSH executes a command on a remote host through the SSH protocol and returns the output

func SecureDelete added in v1.1.0

func SecureDelete(agentID uuid.UUID, Args []string) messages.UserMessage

SecureDelete securely deletes the supplied file

func SharpGen

func SharpGen(agentID uuid.UUID, Args []string) messages.UserMessage

SharpGen generates a .NET core assembly, converts it to shellcode with go-donut, and executes it in the spawnto process

func Skew added in v1.1.0

func Skew(agentID uuid.UUID, Args []string) messages.UserMessage

Skew configures the amount of skew an Agent uses to randomize checkin times

func Sleep added in v1.1.0

func Sleep(agentID uuid.UUID, Args []string) messages.UserMessage

Sleep configures the Agent's sleep time between checkins

func Socks added in v1.5.0

func Socks(agentID uuid.UUID, Args []string) messages.UserMessage

Socks creates a TCP listener on the provided port and forwards SOCKS5 traffic to the provided agent

func Token added in v1.2.0

func Token(agentID uuid.UUID, Args []string) messages.UserMessage

Token is used to interact with Windows Access Tokens on the agent

func Touch added in v1.1.0

func Touch(agentID uuid.UUID, Args []string) messages.UserMessage

Touch matches the destination file's timestamps with the source file

func Upload

func Upload(agentID uuid.UUID, Args []string) messages.UserMessage

Upload transfers a file from the Merlin Server to the Agent

func Uptime added in v1.1.0

func Uptime(agentID uuid.UUID) messages.UserMessage

Uptime retrieves the target host's uptime. Windows only.

Types

This section is empty.
