modules

package
v0.0.0-...-5262aa1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jul 7, 2021 License: GPL-3.0 Imports: 21 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func GetModuleList

func GetModuleList() func(string) []string

GetModuleList generates and returns a list of all modules in Merlin's "module" directory folder. Used with tab completion

func Run

func Run(m Module) ([]string, error)

Run function returns an array of commands to execute the module on an agent

Types

type Module

type Module struct {
	Agent        uuid.UUID   // The Agent that will later be associated with this module prior to execution
	Name         string      `json:"name"`                 // Name of the module
	Type         string      `json:"type"`                 // Type of module (i.e. standard or extended)
	Author       []string    `json:"author"`               // A list of module authors
	Credits      []string    `json:"credits"`              // A list of people to credit for underlying tool or techniques
	Path         []string    `json:"path"`                 // Path to the module (i.e. data/modules/powershell/powerview)
	Platform     string      `json:"platform"`             // Platform the module can run on (i.e. Windows, Linux, Darwin, or ALL)
	Arch         string      `json:"arch"`                 // The Architecture the module can run on (i.e. x86, x64, MIPS, ARM, or ALL)
	Lang         string      `json:"lang"`                 // What language does the module execute in (i.e. PowerShell, Python, or Perl)
	Priv         bool        `json:"privilege"`            // Does this module required a privileged level account like root or SYSTEM?
	Description  string      `json:"description"`          // A description of what the module does
	Notes        string      `json:"notes"`                // Additional information or notes about the module
	Commands     []string    `json:"commands"`             // A list of commands to be run on the agent
	SourceRemote string      `json:"remote"`               // Online or remote source code for a module
	SourceLocal  []string    `json:"local"`                // The local file path to the script or payload
	Options      []Option    `json:"options"`              // A list of configurable options/arguments for the module
	Powershell   interface{} `json:"powershell,omitempty"` // An option json object containing commands and configuration items specific to PowerShell
}

Module is a structure containing the base information or template for modules

func Create

func Create(modulePath string) (Module, error)

Create is module function used to instantiate a module object using the provided file path to a module's json file

func (*Module) GetOptionsList

func (m *Module) GetOptionsList() func(string) []string

GetOptionsList generates and returns a list of the module's configurable options. Used with tab completion

func (*Module) SetAgent

func (m *Module) SetAgent(agentUUID string) (string, error)

SetAgent is used to set the agent associated with the module.

func (*Module) SetOption

func (m *Module) SetOption(option string, value []string) (string, error)

SetOption is used to change the passed in module option's value. Used when a user is configuring a module

func (*Module) ShowInfo

func (m *Module) ShowInfo()

ShowInfo function displays all of the information about a module to include items such as authors and options

func (*Module) ShowOptions

func (m *Module) ShowOptions()

ShowOptions function is used to display only a module's configurable options

type Option

type Option struct {
	Name        string `json:"name"`        // Name of the option
	Value       string `json:"value"`       // Value of the option
	Required    bool   `json:"required"`    // Is this a required option?
	Flag        string `json:"flag"`        // The command line flag used for the option
	Description string `json:"description"` // A description of the option
}

Option is a structure containing the keys for the object

type PowerShell

type PowerShell struct {
	DisableAV   bool // Disable Windows Real Time "Set-MpPreference -DisableRealtimeMonitoring $true"
	Obfuscation bool // Unimplemented command to obfuscated powershell
	Base64      bool // Base64 encode the powershell command?
}

PowerShell structure is used to describe additional PowerShell features for modules that leverage PowerShell

Directories

Path Synopsis
winapi

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL