Documentation
Index
- func ExecuteCommand(name string, arg string) (stdout string, stderr string)
- func ExecuteShellcodeQueueUserAPC(shellcode []byte, pid uint32) error
- func ExecuteShellcodeRemote(shellcode []byte, pid uint32) error
- func ExecuteShellcodeRtlCreateUserThread(shellcode []byte, pid uint32) error
- func ExecuteShellcodeSelf(shellcode []byte) error
- type Agent
Constants
This section is empty.
Variables
This section is empty.
Functions
func ExecuteCommand
ExecuteCommand is a function used to instruct an agent to execute a command on the host operating system
func ExecuteShellcodeQueueUserAPC (added in v0.6.4)
ExecuteShellcodeQueueUserAPC executes provided shellcode in the provided target process using the Windows QueueUserAPC API call
func ExecuteShellcodeRemote (added in v0.6.4)
ExecuteShellcodeRemote executes provided shellcode in the provided target process
func ExecuteShellcodeRtlCreateUserThread (added in v0.6.4)
ExecuteShellcodeRtlCreateUserThread executes provided shellcode in the provided target process using the Windows RtlCreateUserThread call
func ExecuteShellcodeSelf (added in v0.6.4)
ExecuteShellcodeSelf executes provided shellcode in the current process
Types
type Agent (added in v0.5.0)
type Agent struct {
	ID            uuid.UUID     // ID is a Universally Unique Identifier per agent
	Platform      string        // Platform is the operating system platform the agent is running on (i.e. windows)
	Architecture  string        // Architecture is the operating system architecture the agent is running on (i.e. amd64)
	UserName      string        // UserName is the username that the agent is running as
	UserGUID      string        // UserGUID is a Globally Unique Identifier associated with username
	HostName      string        // HostName is the computer's host name
	Ips           []string      // Ips is a slice of all the IP addresses assigned to the host's interfaces
	Pid           int           // Pid is the Process ID that the agent is running under
	Version       string        // Version is the version number of the Merlin Agent program
	Build         string        // Build is the build number of the Merlin Agent program
	WaitTime      time.Duration // WaitTime is how much time the agent waits in-between checking in
	PaddingMax    int           // PaddingMax is the maximum size allowed for a randomly selected message padding length
	MaxRetry      int           // MaxRetry is the maximum amount of failed check in attempts before the agent quits
	FailedCheckin int           // FailedCheckin is a count of the total number of failed check ins
	Skew          int64         // Skew is size of skew added to each WaitTime to vary check in attempts
	Verbose       bool          // Verbose enables verbose messages to standard out
	Debug         bool          // Debug enables debug messages to standard out
	Proto         string        // Proto contains the transportation protocol the agent is using (i.e. h2 or hq)
	Client        *http.Client  // Client is an http.Client object used to make HTTP connections for agent communications
	UserAgent     string        // UserAgent is the user agent string used with HTTP connections
	KillDate      int64         // killDate is a unix timestamp that denotes a time the executable will not run after (if it is 0 it will not be used)
	// contains filtered or unexported fields
}
Agent is a structure for agent objects. It is not exported to force the use of the New() function