Documentation
¶
Index ¶
Constants ¶
const ( TvRefresh uint8 = 0xC0 TvDownload uint8 = 0xC1 TvUpload uint8 = 0xC2 TvExecute uint8 = uint8(Execute) TvCode uint8 = 0xC4 )
Built in Task Message ID Values
TvRefresh - 192 TvUpload - 193 TvDownload - 194 TvExecute - 195 TvCode - 196
const Execute = exec(0xC3)
Execute represents the execute Tasklet. This can be used to instruct a client to execute a specific command.
const File = file(0)
File is a tasklet that is responsible for Uploads to Server (Pull) and Downloading to Client (Push).
const Inject = code(0xC4)
Inject represents the code injection Tasklet. This can be used to instruct a client to execute shellcode.
Variables ¶
var Mappings = [256]Tasker{ TvDownload: simpleTask(TvDownload), TvUpload: simpleTask(TvUpload), TvCode: Inject, TvExecute: Execute, TvRefresh: simpleTask(TvRefresh), wintask.InjectDLL: wintask.InjectDLL, }
Mappings is an fixed size array that contains the Tasker mappings for each ID value. Values that are less than 22 are ignored. Adding a mapping to here will allow it to be executed via the client Scheduler.
Functions ¶
func RegisterEngine ¶
RegisterEngine is a function that can be used to register a Scripting engine into the XMT client tasking runtime. Script engines can increase the footprint of the compiled binary, so engines must be registed manually.
See the 'cmd/script' package for scripting engines.
Types ¶
type Code ¶
Code is a struct that is similar to the 'cmd.Code' struct. This is used to Task a Client with running shellcode on devices. This struct has many of the functionallies of the standard 'cmd.Code' function. The 'SetParent' function will attempt to set the target that runs the shellcode. If none are specified, the shellcode will be injected into the current process.
func (Code) MarshalStream ¶
MarshalStream writes the data for this Code thread to the supplied Writer.
type Engine ¶
Engine is an interface that allows for extending XMT with non-compiled code for easy deployability and flexibility. Each Script interface contains a single function that will take a Context, an environment block and the script code string.
The result of this function will be the output of the script and any errors that may occur. By default, the 'ID', 'OS', 'PID' 'PPID', 'OSVER' and 'HOSTNAME' variables are built-in to assist with code runtime.
type Process ¶
type Process struct {
Filter *cmd.Filter
Dir string
Env, Args []string
Stdin []byte
Timeout time.Duration
Flags uint32
Wait bool
Hide bool
}
Process is a struct that is similar to the 'cmd.Process' struct. This is used to Task a Client with running a specified command. These can be submitted to the Execute tasklet.
func (Process) MarshalStream ¶
MarshalStream writes the data for this Process to the supplied Writer.
func (*Process) SetFlags ¶
SetFlags will set the startup Flag values used for Windows programs. This function overrites many of the 'Set*' functions. Has no effect if the device is not running Windows.
func (*Process) SetParent ¶
SetParent will instruct the Process to choose a parent with the supplied process Filter. If the Filter is nil this will use the current process (default). This function has no effect if the device is not running Windows. Setting the Parent process will automatically set 'SetNewConsole' to true.
Source Files
Directories