Module: Rex::Post::Meterpreter
- Defined in:
- lib/rex/post/meterpreter/pivot.rb,
lib/rex/post/meterpreter/client.rb,
lib/rex/post/meterpreter/packet.rb,
lib/rex/post/meterpreter/channel.rb,
lib/rex/post/meterpreter/core_ids.rb,
lib/rex/post/meterpreter/extension.rb,
lib/rex/post/meterpreter/ui/console.rb,
lib/rex/post/meterpreter/client_core.rb,
lib/rex/post/meterpreter/channels/pool.rb,
lib/rex/post/meterpreter/packet_parser.rb,
lib/rex/post/meterpreter/object_aliases.rb,
lib/rex/post/meterpreter/channels/stream.rb,
lib/rex/post/meterpreter/pivot_container.rb,
lib/rex/post/meterpreter/extension_mapper.rb,
lib/rex/post/meterpreter/channel_container.rb,
lib/rex/post/meterpreter/channels/datagram.rb,
lib/rex/post/meterpreter/packet_dispatcher.rb,
lib/rex/post/meterpreter/extensions/priv/fs.rb,
lib/rex/post/meterpreter/channels/pools/file.rb,
lib/rex/post/meterpreter/extensions/kiwi/tlv.rb,
lib/rex/post/meterpreter/extensions/priv/tlv.rb,
lib/rex/post/meterpreter/extensions/espia/tlv.rb,
lib/rex/post/meterpreter/extensions/kiwi/kiwi.rb,
lib/rex/post/meterpreter/extensions/priv/priv.rb,
lib/rex/post/meterpreter/extensions/stdapi/ui.rb,
lib/rex/post/meterpreter/extensions/appapi/tlv.rb,
lib/rex/post/meterpreter/extensions/extapi/tlv.rb,
lib/rex/post/meterpreter/extensions/python/tlv.rb,
lib/rex/post/meterpreter/extensions/stdapi/tlv.rb,
lib/rex/post/meterpreter/extensions/unhook/tlv.rb,
lib/rex/post/meterpreter/extensions/android/tlv.rb,
lib/rex/post/meterpreter/extensions/espia/espia.rb,
lib/rex/post/meterpreter/extensions/priv/passwd.rb,
lib/rex/post/meterpreter/extensions/sniffer/tlv.rb,
lib/rex/post/meterpreter/extensions/winpmem/tlv.rb,
lib/rex/post/meterpreter/inbound_packet_handler.rb,
lib/rex/post/meterpreter/packet_response_waiter.rb,
lib/rex/post/meterpreter/extensions/stdapi/fs/io.rb,
lib/rex/post/meterpreter/extensions/appapi/appapi.rb,
lib/rex/post/meterpreter/extensions/extapi/extapi.rb,
lib/rex/post/meterpreter/extensions/incognito/tlv.rb,
lib/rex/post/meterpreter/extensions/python/python.rb,
lib/rex/post/meterpreter/extensions/stdapi/fs/dir.rb,
lib/rex/post/meterpreter/extensions/stdapi/stdapi.rb,
lib/rex/post/meterpreter/extensions/unhook/unhook.rb,
lib/rex/post/meterpreter/extensions/extapi/wmi/wmi.rb,
lib/rex/post/meterpreter/extensions/lanattacks/tlv.rb,
lib/rex/post/meterpreter/extensions/peinjector/tlv.rb,
lib/rex/post/meterpreter/extensions/powershell/tlv.rb,
lib/rex/post/meterpreter/extensions/stdapi/fs/file.rb,
lib/rex/post/meterpreter/extensions/stdapi/mic/mic.rb,
lib/rex/post/meterpreter/extensions/stdapi/net/arp.rb,
lib/rex/post/meterpreter/channels/pools/stream_pool.rb,
lib/rex/post/meterpreter/extensions/android/android.rb,
lib/rex/post/meterpreter/extensions/sniffer/sniffer.rb,
lib/rex/post/meterpreter/extensions/stdapi/fs/mount.rb,
lib/rex/post/meterpreter/extensions/winpmem/winpmem.rb,
lib/rex/post/meterpreter/channels/socket_abstraction.rb,
lib/rex/post/meterpreter/extensions/extapi/adsi/adsi.rb,
lib/rex/post/meterpreter/extensions/extapi/ntds/ntds.rb,
lib/rex/post/meterpreter/extensions/kiwi/command_ids.rb,
lib/rex/post/meterpreter/extensions/priv/command_ids.rb,
lib/rex/post/meterpreter/extensions/stdapi/net/route.rb,
lib/rex/post/meterpreter/extensions/stdapi/sys/power.rb,
lib/rex/post/meterpreter/extensions/espia/command_ids.rb,
lib/rex/post/meterpreter/extensions/stdapi/net/config.rb,
lib/rex/post/meterpreter/extensions/stdapi/net/socket.rb,
lib/rex/post/meterpreter/extensions/stdapi/sys/config.rb,
lib/rex/post/meterpreter/extensions/stdapi/sys/thread.rb,
lib/rex/post/meterpreter/extensions/appapi/command_ids.rb,
lib/rex/post/meterpreter/extensions/extapi/command_ids.rb,
lib/rex/post/meterpreter/extensions/python/command_ids.rb,
lib/rex/post/meterpreter/extensions/stdapi/command_ids.rb,
lib/rex/post/meterpreter/extensions/stdapi/net/netstat.rb,
lib/rex/post/meterpreter/extensions/stdapi/net/resolve.rb,
lib/rex/post/meterpreter/extensions/stdapi/railgun/tlv.rb,
lib/rex/post/meterpreter/extensions/stdapi/sys/process.rb,
lib/rex/post/meterpreter/extensions/unhook/command_ids.rb,
lib/rex/post/meterpreter/ui/console/command_dispatcher.rb,
lib/rex/post/meterpreter/extensions/android/command_ids.rb,
lib/rex/post/meterpreter/extensions/incognito/incognito.rb,
lib/rex/post/meterpreter/extensions/sniffer/command_ids.rb,
lib/rex/post/meterpreter/extensions/stdapi/fs/file_stat.rb,
lib/rex/post/meterpreter/extensions/stdapi/railgun/util.rb,
lib/rex/post/meterpreter/extensions/stdapi/sys/registry.rb,
lib/rex/post/meterpreter/extensions/winpmem/command_ids.rb,
lib/rex/post/meterpreter/ui/console/interactive_channel.rb,
lib/rex/post/meterpreter/extensions/extapi/window/window.rb,
lib/rex/post/meterpreter/extensions/lanattacks/dhcp/dhcp.rb,
lib/rex/post/meterpreter/extensions/lanattacks/tftp/tftp.rb,
lib/rex/post/meterpreter/extensions/mimikatz/command_ids.rb,
lib/rex/post/meterpreter/extensions/stdapi/net/interface.rb,
lib/rex/post/meterpreter/extensions/stdapi/sys/event_log.rb,
lib/rex/post/meterpreter/extensions/stdapi/webcam/webcam.rb,
lib/rex/post/meterpreter/extensions/incognito/command_ids.rb,
lib/rex/post/meterpreter/extensions/lanattacks/lanattacks.rb,
lib/rex/post/meterpreter/extensions/peinjector/peinjector.rb,
lib/rex/post/meterpreter/extensions/powershell/powershell.rb,
lib/rex/post/meterpreter/extensions/extapi/pageant/pageant.rb,
lib/rex/post/meterpreter/extensions/extapi/service/service.rb,
lib/rex/post/meterpreter/extensions/lanattacks/command_ids.rb,
lib/rex/post/meterpreter/extensions/peinjector/command_ids.rb,
lib/rex/post/meterpreter/extensions/powershell/command_ids.rb,
lib/rex/post/meterpreter/extensions/stdapi/railgun/library.rb,
lib/rex/post/meterpreter/extensions/stdapi/railgun/railgun.rb,
lib/rex/post/meterpreter/ui/console/command_dispatcher/core.rb,
lib/rex/post/meterpreter/ui/console/command_dispatcher/kiwi.rb,
lib/rex/post/meterpreter/ui/console/command_dispatcher/priv.rb,
lib/rex/post/meterpreter/extensions/stdapi/railgun/multicall.rb,
lib/rex/post/meterpreter/ui/console/command_dispatcher/espia.rb,
lib/rex/post/meterpreter/ui/console/command_dispatcher/appapi.rb,
lib/rex/post/meterpreter/ui/console/command_dispatcher/extapi.rb,
lib/rex/post/meterpreter/ui/console/command_dispatcher/python.rb,
lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi.rb,
lib/rex/post/meterpreter/ui/console/command_dispatcher/unhook.rb,
lib/rex/post/meterpreter/extensions/extapi/clipboard/clipboard.rb,
lib/rex/post/meterpreter/extensions/stdapi/railgun/buffer_item.rb,
lib/rex/post/meterpreter/ui/console/command_dispatcher/android.rb,
lib/rex/post/meterpreter/ui/console/command_dispatcher/sniffer.rb,
lib/rex/post/meterpreter/ui/console/command_dispatcher/winpmem.rb,
lib/rex/post/meterpreter/extensions/stdapi/railgun/const_manager.rb,
lib/rex/post/meterpreter/extensions/stdapi/railgun/platform_util.rb,
lib/rex/post/meterpreter/ui/console/command_dispatcher/incognito.rb,
lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/fs.rb,
lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/ui.rb,
lib/rex/post/meterpreter/extensions/stdapi/railgun/library_helper.rb,
lib/rex/post/meterpreter/ui/console/command_dispatcher/extapi/wmi.rb,
lib/rex/post/meterpreter/ui/console/command_dispatcher/lanattacks.rb,
lib/rex/post/meterpreter/ui/console/command_dispatcher/peinjector.rb,
lib/rex/post/meterpreter/ui/console/command_dispatcher/powershell.rb,
lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/mic.rb,
lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/net.rb,
lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/sys.rb,
lib/rex/post/meterpreter/extensions/stdapi/railgun/library_wrapper.rb,
lib/rex/post/meterpreter/ui/console/command_dispatcher/extapi/adsi.rb,
lib/rex/post/meterpreter/ui/console/command_dispatcher/priv/passwd.rb,
lib/rex/post/meterpreter/extensions/stdapi/railgun/def/osx/def_libc.rb,
lib/rex/post/meterpreter/extensions/stdapi/railgun/library_function.rb,
lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/io.rb,
lib/rex/post/meterpreter/ui/console/command_dispatcher/priv/elevate.rb,
lib/rex/post/meterpreter/extensions/stdapi/audio_output/audio_output.rb,
lib/rex/post/meterpreter/extensions/stdapi/railgun/type/pointer_util.rb,
lib/rex/post/meterpreter/ui/console/command_dispatcher/extapi/window.rb,
lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/stream.rb,
lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/webcam.rb,
lib/rex/post/meterpreter/extensions/stdapi/railgun/def/linux/def_libc.rb,
lib/rex/post/meterpreter/ui/console/command_dispatcher/extapi/service.rb,
lib/rex/post/meterpreter/ui/console/command_dispatcher/priv/timestomp.rb,
lib/rex/post/meterpreter/extensions/stdapi/railgun/def/osx/def_libobjc.rb,
lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/image.rb,
lib/rex/post/meterpreter/ui/console/command_dispatcher/lanattacks/dhcp.rb,
lib/rex/post/meterpreter/ui/console/command_dispatcher/lanattacks/tftp.rb,
lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/memory.rb,
lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/thread.rb,
lib/rex/post/meterpreter/ui/console/command_dispatcher/extapi/clipboard.rb,
lib/rex/post/meterpreter/extensions/stdapi/railgun/def/osx/api_constants.rb,
lib/rex/post/meterpreter/extensions/stdapi/railgun/def/windows/def_ntdll.rb,
lib/rex/post/meterpreter/extensions/stdapi/railgun/def/windows/def_psapi.rb,
lib/rex/post/meterpreter/extensions/stdapi/railgun/def/windows/def_user32.rb,
lib/rex/post/meterpreter/extensions/stdapi/railgun/def/windows/def_ws2_32.rb,
lib/rex/post/meterpreter/extensions/stdapi/railgun/def/linux/api_constants.rb,
lib/rex/post/meterpreter/extensions/stdapi/railgun/def/windows/def_crypt32.rb,
lib/rex/post/meterpreter/extensions/stdapi/railgun/def/windows/def_shell32.rb,
lib/rex/post/meterpreter/extensions/stdapi/railgun/def/windows/def_version.rb,
lib/rex/post/meterpreter/extensions/stdapi/railgun/def/windows/def_wlanapi.rb,
lib/rex/post/meterpreter/extensions/stdapi/railgun/def/windows/def_wldap32.rb,
lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/audio_output.rb,
lib/rex/post/meterpreter/extensions/stdapi/net/socket_subsystem/udp_channel.rb,
lib/rex/post/meterpreter/extensions/stdapi/railgun/def/windows/def_advapi32.rb,
lib/rex/post/meterpreter/extensions/stdapi/railgun/def/windows/def_iphlpapi.rb,
lib/rex/post/meterpreter/extensions/stdapi/railgun/def/windows/def_kernel32.rb,
lib/rex/post/meterpreter/extensions/stdapi/railgun/def/windows/def_netapi32.rb,
lib/rex/post/meterpreter/extensions/stdapi/railgun/def/windows/api_constants.rb,
lib/rex/post/meterpreter/extensions/stdapi/sys/registry_subsystem/registry_key.rb,
lib/rex/post/meterpreter/extensions/stdapi/sys/event_log_subsystem/event_record.rb,
lib/rex/post/meterpreter/extensions/stdapi/sys/registry_subsystem/registry_value.rb,
lib/rex/post/meterpreter/extensions/stdapi/net/socket_subsystem/tcp_client_channel.rb,
lib/rex/post/meterpreter/extensions/stdapi/net/socket_subsystem/tcp_server_channel.rb,
lib/rex/post/meterpreter/extensions/stdapi/sys/registry_subsystem/remote_registry_key.rb
Defined Under Namespace
Modules: ChannelContainer, Channels, Extensions, HttpPacketDispatcher, InboundPacketHandler, ObjectAliasesContainer, PacketDispatcher, PivotContainer, SocketAbstraction, Ui Classes: Channel, Client, ClientCore, Datagram, Extension, ExtensionMapper, GroupTlv, ObjectAliases, Packet, PacketParser, PacketResponseWaiter, Pivot, PivotListener, RequestError, Stream, Tlv
Constant Summary collapse
- PACKET_TYPE_REQUEST =
Constants
0
- PACKET_TYPE_RESPONSE =
1
- PACKET_TYPE_PLAIN_REQUEST =
10
- PACKET_TYPE_PLAIN_RESPONSE =
11
- TLV_META_TYPE_NONE =
TLV Meta Types
0
- TLV_META_TYPE_STRING =
(1 << 16)
- TLV_META_TYPE_UINT =
(1 << 17)
- TLV_META_TYPE_RAW =
(1 << 18)
- TLV_META_TYPE_BOOL =
(1 << 19)
- TLV_META_TYPE_QWORD =
(1 << 20)
- TLV_META_TYPE_COMPRESSED =
(1 << 29)
- TLV_META_TYPE_GROUP =
(1 << 30)
- TLV_META_TYPE_COMPLEX =
(1 << 31)
- TLV_META_MASK =
Exclude compressed from the mask since other meta types (e.g. RAW) can also be compressed
( TLV_META_TYPE_STRING | TLV_META_TYPE_UINT | TLV_META_TYPE_RAW | TLV_META_TYPE_BOOL | TLV_META_TYPE_QWORD | TLV_META_TYPE_GROUP | TLV_META_TYPE_COMPLEX )
- TLV_RESERVED =
TLV base starting points
0
- TLV_EXTENSIONS =
20000
- TLV_USER =
40000
- TLV_TEMP =
60000
- TLV_TYPE_ANY =
TLV Specific Types
TLV_META_TYPE_NONE | 0
- TLV_TYPE_COMMAND_ID =
TLV_META_TYPE_UINT | 1
- TLV_TYPE_REQUEST_ID =
TLV_META_TYPE_STRING | 2
- TLV_TYPE_EXCEPTION =
TLV_META_TYPE_GROUP | 3
- TLV_TYPE_RESULT =
TLV_META_TYPE_UINT | 4
- TLV_TYPE_STRING =
TLV_META_TYPE_STRING | 10
- TLV_TYPE_UINT =
TLV_META_TYPE_UINT | 11
- TLV_TYPE_BOOL =
TLV_META_TYPE_BOOL | 12
- TLV_TYPE_LENGTH =
TLV_META_TYPE_UINT | 25
- TLV_TYPE_DATA =
TLV_META_TYPE_RAW | 26
- TLV_TYPE_FLAGS =
TLV_META_TYPE_UINT | 27
- TLV_TYPE_CHANNEL_ID =
TLV_META_TYPE_UINT | 50
- TLV_TYPE_CHANNEL_TYPE =
TLV_META_TYPE_STRING | 51
- TLV_TYPE_CHANNEL_DATA =
TLV_META_TYPE_RAW | 52
- TLV_TYPE_CHANNEL_DATA_GROUP =
TLV_META_TYPE_GROUP | 53
- TLV_TYPE_CHANNEL_CLASS =
TLV_META_TYPE_UINT | 54
- TLV_TYPE_CHANNEL_PARENTID =
TLV_META_TYPE_UINT | 55
- TLV_TYPE_SEEK_WHENCE =
TLV_META_TYPE_UINT | 70
- TLV_TYPE_SEEK_OFFSET =
TLV_META_TYPE_UINT | 71
- TLV_TYPE_SEEK_POS =
TLV_META_TYPE_UINT | 72
- TLV_TYPE_EXCEPTION_CODE =
TLV_META_TYPE_UINT | 300
- TLV_TYPE_EXCEPTION_STRING =
TLV_META_TYPE_STRING | 301
- TLV_TYPE_LIBRARY_PATH =
TLV_META_TYPE_STRING | 400
- TLV_TYPE_TARGET_PATH =
TLV_META_TYPE_STRING | 401
- TLV_TYPE_MIGRATE_PID =
TLV_META_TYPE_UINT | 402
- TLV_TYPE_MIGRATE_PAYLOAD =
TLV_META_TYPE_RAW | 404
- TLV_TYPE_MIGRATE_ARCH =
TLV_META_TYPE_UINT | 405
- TLV_TYPE_MIGRATE_BASE_ADDR =
TLV_META_TYPE_UINT | 407
- TLV_TYPE_MIGRATE_ENTRY_POINT =
TLV_META_TYPE_UINT | 408
- TLV_TYPE_MIGRATE_SOCKET_PATH =
TLV_META_TYPE_STRING | 409
- TLV_TYPE_MIGRATE_STUB =
TLV_META_TYPE_RAW | 411
- TLV_TYPE_LIB_LOADER_NAME =
TLV_META_TYPE_STRING | 412
- TLV_TYPE_LIB_LOADER_ORDINAL =
TLV_META_TYPE_UINT | 413
- TLV_TYPE_TRANS_TYPE =
TLV_META_TYPE_UINT | 430
- TLV_TYPE_TRANS_URL =
TLV_META_TYPE_STRING | 431
- TLV_TYPE_TRANS_UA =
TLV_META_TYPE_STRING | 432
- TLV_TYPE_TRANS_COMM_TIMEOUT =
TLV_META_TYPE_UINT | 433
- TLV_TYPE_TRANS_SESSION_EXP =
TLV_META_TYPE_UINT | 434
- TLV_TYPE_TRANS_CERT_HASH =
TLV_META_TYPE_RAW | 435
- TLV_TYPE_TRANS_PROXY_HOST =
TLV_META_TYPE_STRING | 436
- TLV_TYPE_TRANS_PROXY_USER =
TLV_META_TYPE_STRING | 437
- TLV_TYPE_TRANS_PROXY_PASS =
TLV_META_TYPE_STRING | 438
- TLV_TYPE_TRANS_RETRY_TOTAL =
TLV_META_TYPE_UINT | 439
- TLV_TYPE_TRANS_RETRY_WAIT =
TLV_META_TYPE_UINT | 440
- TLV_TYPE_TRANS_HEADERS =
TLV_META_TYPE_STRING | 441
- TLV_TYPE_TRANS_GROUP =
TLV_META_TYPE_GROUP | 442
- TLV_TYPE_MACHINE_ID =
TLV_META_TYPE_STRING | 460
- TLV_TYPE_UUID =
TLV_META_TYPE_RAW | 461
- TLV_TYPE_SESSION_GUID =
TLV_META_TYPE_RAW | 462
- TLV_TYPE_RSA_PUB_KEY =
TLV_META_TYPE_RAW | 550
- TLV_TYPE_SYM_KEY_TYPE =
TLV_META_TYPE_UINT | 551
- TLV_TYPE_SYM_KEY =
TLV_META_TYPE_RAW | 552
- TLV_TYPE_ENC_SYM_KEY =
TLV_META_TYPE_RAW | 553
- TLV_TYPE_PIVOT_ID =
Pivots
TLV_META_TYPE_RAW | 650
- TLV_TYPE_PIVOT_STAGE_DATA =
TLV_META_TYPE_RAW | 651
- TLV_TYPE_PIVOT_NAMED_PIPE_NAME =
TLV_META_TYPE_STRING | 653
- LOAD_LIBRARY_FLAG_ON_DISK =
Core flags
(1 << 0)
- LOAD_LIBRARY_FLAG_EXTENSION =
(1 << 1)
- LOAD_LIBRARY_FLAG_LOCAL =
(1 << 2)
- GUID_SIZE =
Sane defaults
16
- NULL_GUID =
"\x00" * GUID_SIZE
- COMMAND_ID_START_CORE =
Mapping of command strings to identifiers
0
- COMMAND_ID_START_STDAPI =
1000
- COMMAND_ID_START_PRIV =
2000
- COMMAND_ID_START_EXTAPI =
3000
- COMMAND_ID_START_SNIFFER =
4000
- COMMAND_ID_START_ANDROID =
5000
- COMMAND_ID_START_NETWORKPUG =
6000
- COMMAND_ID_START_WINPMEM =
7000
- COMMAND_ID_START_KIWI =
8000
- COMMAND_ID_START_APPAPI =
9000
- COMMAND_ID_START_UNHOOK =
10000
- COMMAND_ID_START_ESPIA =
11000
- COMMAND_ID_START_INCOGNITO =
12000
- COMMAND_ID_START_PYTHON =
13000
- COMMAND_ID_START_POWERSHELL =
14000
- COMMAND_ID_START_LANATTACKS =
15000
- COMMAND_ID_START_PEINJECTOR =
16000
- COMMAND_ID_START_MIMIKATZ =
17000
- COMMAND_ID_MAP_CORE =
{ 'core_channel_close' => COMMAND_ID_START_CORE + 1, 'core_channel_eof' => COMMAND_ID_START_CORE + 2, 'core_channel_interact' => COMMAND_ID_START_CORE + 3, 'core_channel_open' => COMMAND_ID_START_CORE + 4, 'core_channel_read' => COMMAND_ID_START_CORE + 5, 'core_channel_seek' => COMMAND_ID_START_CORE + 6, 'core_channel_tell' => COMMAND_ID_START_CORE + 7, 'core_channel_write' => COMMAND_ID_START_CORE + 8, 'core_console_write' => COMMAND_ID_START_CORE + 9, 'core_enumextcmd' => COMMAND_ID_START_CORE + 10, 'core_get_session_guid' => COMMAND_ID_START_CORE + 11, 'core_loadlib' => COMMAND_ID_START_CORE + 12, 'core_machine_id' => COMMAND_ID_START_CORE + 13, 'core_migrate' => COMMAND_ID_START_CORE + 14, 'core_native_arch' => COMMAND_ID_START_CORE + 15, 'core_negotiate_tlv_encryption' => COMMAND_ID_START_CORE + 16, 'core_patch_url' => COMMAND_ID_START_CORE + 17, 'core_pivot_add' => COMMAND_ID_START_CORE + 18, 'core_pivot_remove' => COMMAND_ID_START_CORE + 19, 'core_pivot_session_died' => COMMAND_ID_START_CORE + 20, 'core_set_session_guid' => COMMAND_ID_START_CORE + 21, 'core_set_uuid' => COMMAND_ID_START_CORE + 22, 'core_shutdown' => COMMAND_ID_START_CORE + 23, 'core_transport_add' => COMMAND_ID_START_CORE + 24, 'core_transport_change' => COMMAND_ID_START_CORE + 25, 'core_transport_getcerthash' => COMMAND_ID_START_CORE + 26, 'core_transport_list' => COMMAND_ID_START_CORE + 27, 'core_transport_next' => COMMAND_ID_START_CORE + 28, 'core_transport_prev' => COMMAND_ID_START_CORE + 29, 'core_transport_remove' => COMMAND_ID_START_CORE + 30, 'core_transport_setcerthash' => COMMAND_ID_START_CORE + 31, 'core_transport_set_timeouts' => COMMAND_ID_START_CORE + 32, 'core_transport_sleep' => COMMAND_ID_START_CORE + 33, }
- COMMAND_ID_MAP_STDAPI =
{ 'stdapi_fs_chdir' => COMMAND_ID_START_STDAPI + 1, 'stdapi_fs_chmod' => COMMAND_ID_START_STDAPI + 2, 'stdapi_fs_delete_dir' => COMMAND_ID_START_STDAPI + 3, 'stdapi_fs_delete_file' => COMMAND_ID_START_STDAPI + 4, 'stdapi_fs_file_copy' => COMMAND_ID_START_STDAPI + 5, 'stdapi_fs_file_expand_path' => COMMAND_ID_START_STDAPI + 6, 'stdapi_fs_file_move' => COMMAND_ID_START_STDAPI + 7, 'stdapi_fs_getwd' => COMMAND_ID_START_STDAPI + 8, 'stdapi_fs_ls' => COMMAND_ID_START_STDAPI + 9, 'stdapi_fs_md5' => COMMAND_ID_START_STDAPI + 10, 'stdapi_fs_mkdir' => COMMAND_ID_START_STDAPI + 11, 'stdapi_fs_mount_show' => COMMAND_ID_START_STDAPI + 12, 'stdapi_fs_search' => COMMAND_ID_START_STDAPI + 13, 'stdapi_fs_separator' => COMMAND_ID_START_STDAPI + 14, 'stdapi_fs_sha1' => COMMAND_ID_START_STDAPI + 15, 'stdapi_fs_stat' => COMMAND_ID_START_STDAPI + 16, 'stdapi_net_config_add_route' => COMMAND_ID_START_STDAPI + 17, 'stdapi_net_config_get_arp_table' => COMMAND_ID_START_STDAPI + 18, 'stdapi_net_config_get_interfaces' => COMMAND_ID_START_STDAPI + 19, 'stdapi_net_config_get_netstat' => COMMAND_ID_START_STDAPI + 20, 'stdapi_net_config_get_proxy' => COMMAND_ID_START_STDAPI + 21, 'stdapi_net_config_get_routes' => COMMAND_ID_START_STDAPI + 22, 'stdapi_net_config_remove_route' => COMMAND_ID_START_STDAPI + 23, 'stdapi_net_resolve_host' => COMMAND_ID_START_STDAPI + 24, 'stdapi_net_resolve_hosts' => COMMAND_ID_START_STDAPI + 25, 'stdapi_net_socket_tcp_shutdown' => COMMAND_ID_START_STDAPI + 26, 'stdapi_net_tcp_channel_open' => COMMAND_ID_START_STDAPI + 27, 'stdapi_railgun_api' => COMMAND_ID_START_STDAPI + 28, 'stdapi_railgun_api_multi' => COMMAND_ID_START_STDAPI + 29, 'stdapi_railgun_memread' => COMMAND_ID_START_STDAPI + 30, 'stdapi_railgun_memwrite' => COMMAND_ID_START_STDAPI + 31, 'stdapi_registry_check_key_exists' => COMMAND_ID_START_STDAPI + 32, 'stdapi_registry_close_key' => COMMAND_ID_START_STDAPI + 33, 'stdapi_registry_create_key' => COMMAND_ID_START_STDAPI + 34, 'stdapi_registry_delete_key' => 
COMMAND_ID_START_STDAPI + 35, 'stdapi_registry_delete_value' => COMMAND_ID_START_STDAPI + 36, 'stdapi_registry_enum_key' => COMMAND_ID_START_STDAPI + 37, 'stdapi_registry_enum_key_direct' => COMMAND_ID_START_STDAPI + 38, 'stdapi_registry_enum_value' => COMMAND_ID_START_STDAPI + 39, 'stdapi_registry_enum_value_direct' => COMMAND_ID_START_STDAPI + 40, 'stdapi_registry_load_key' => COMMAND_ID_START_STDAPI + 41, 'stdapi_registry_open_key' => COMMAND_ID_START_STDAPI + 42, 'stdapi_registry_open_remote_key' => COMMAND_ID_START_STDAPI + 43, 'stdapi_registry_query_class' => COMMAND_ID_START_STDAPI + 44, 'stdapi_registry_query_value' => COMMAND_ID_START_STDAPI + 45, 'stdapi_registry_query_value_direct' => COMMAND_ID_START_STDAPI + 46, 'stdapi_registry_set_value' => COMMAND_ID_START_STDAPI + 47, 'stdapi_registry_set_value_direct' => COMMAND_ID_START_STDAPI + 48, 'stdapi_registry_unload_key' => COMMAND_ID_START_STDAPI + 49, 'stdapi_sys_config_driver_list' => COMMAND_ID_START_STDAPI + 50, 'stdapi_sys_config_drop_token' => COMMAND_ID_START_STDAPI + 51, 'stdapi_sys_config_getenv' => COMMAND_ID_START_STDAPI + 52, 'stdapi_sys_config_getprivs' => COMMAND_ID_START_STDAPI + 53, 'stdapi_sys_config_getsid' => COMMAND_ID_START_STDAPI + 54, 'stdapi_sys_config_getuid' => COMMAND_ID_START_STDAPI + 55, 'stdapi_sys_config_localtime' => COMMAND_ID_START_STDAPI + 56, 'stdapi_sys_config_rev2self' => COMMAND_ID_START_STDAPI + 57, 'stdapi_sys_config_steal_token' => COMMAND_ID_START_STDAPI + 58, 'stdapi_sys_config_sysinfo' => COMMAND_ID_START_STDAPI + 59, 'stdapi_sys_eventlog_clear' => COMMAND_ID_START_STDAPI + 60, 'stdapi_sys_eventlog_close' => COMMAND_ID_START_STDAPI + 61, 'stdapi_sys_eventlog_numrecords' => COMMAND_ID_START_STDAPI + 62, 'stdapi_sys_eventlog_oldest' => COMMAND_ID_START_STDAPI + 63, 'stdapi_sys_eventlog_open' => COMMAND_ID_START_STDAPI + 64, 'stdapi_sys_eventlog_read' => COMMAND_ID_START_STDAPI + 65, 'stdapi_sys_power_exitwindows' => COMMAND_ID_START_STDAPI + 66, 
'stdapi_sys_process_attach' => COMMAND_ID_START_STDAPI + 67, 'stdapi_sys_process_close' => COMMAND_ID_START_STDAPI + 68, 'stdapi_sys_process_execute' => COMMAND_ID_START_STDAPI + 69, 'stdapi_sys_process_get_info' => COMMAND_ID_START_STDAPI + 70, 'stdapi_sys_process_get_processes' => COMMAND_ID_START_STDAPI + 71, 'stdapi_sys_process_getpid' => COMMAND_ID_START_STDAPI + 72, 'stdapi_sys_process_image_get_images' => COMMAND_ID_START_STDAPI + 73, 'stdapi_sys_process_image_get_proc_address' => COMMAND_ID_START_STDAPI + 74, 'stdapi_sys_process_image_load' => COMMAND_ID_START_STDAPI + 75, 'stdapi_sys_process_image_unload' => COMMAND_ID_START_STDAPI + 76, 'stdapi_sys_process_kill' => COMMAND_ID_START_STDAPI + 77, 'stdapi_sys_process_memory_allocate' => COMMAND_ID_START_STDAPI + 78, 'stdapi_sys_process_memory_free' => COMMAND_ID_START_STDAPI + 79, 'stdapi_sys_process_memory_lock' => COMMAND_ID_START_STDAPI + 80, 'stdapi_sys_process_memory_protect' => COMMAND_ID_START_STDAPI + 81, 'stdapi_sys_process_memory_query' => COMMAND_ID_START_STDAPI + 82, 'stdapi_sys_process_memory_read' => COMMAND_ID_START_STDAPI + 83, 'stdapi_sys_process_memory_unlock' => COMMAND_ID_START_STDAPI + 84, 'stdapi_sys_process_memory_write' => COMMAND_ID_START_STDAPI + 85, 'stdapi_sys_process_thread_close' => COMMAND_ID_START_STDAPI + 86, 'stdapi_sys_process_thread_create' => COMMAND_ID_START_STDAPI + 87, 'stdapi_sys_process_thread_get_threads' => COMMAND_ID_START_STDAPI + 88, 'stdapi_sys_process_thread_open' => COMMAND_ID_START_STDAPI + 89, 'stdapi_sys_process_thread_query_regs' => COMMAND_ID_START_STDAPI + 90, 'stdapi_sys_process_thread_resume' => COMMAND_ID_START_STDAPI + 91, 'stdapi_sys_process_thread_set_regs' => COMMAND_ID_START_STDAPI + 92, 'stdapi_sys_process_thread_suspend' => COMMAND_ID_START_STDAPI + 93, 'stdapi_sys_process_thread_terminate' => COMMAND_ID_START_STDAPI + 94, 'stdapi_sys_process_wait' => COMMAND_ID_START_STDAPI + 95, 'stdapi_ui_desktop_enum' => COMMAND_ID_START_STDAPI + 96, 
'stdapi_ui_desktop_get' => COMMAND_ID_START_STDAPI + 97, 'stdapi_ui_desktop_screenshot' => COMMAND_ID_START_STDAPI + 98, 'stdapi_ui_desktop_set' => COMMAND_ID_START_STDAPI + 99, 'stdapi_ui_enable_keyboard' => COMMAND_ID_START_STDAPI + 100, 'stdapi_ui_enable_mouse' => COMMAND_ID_START_STDAPI + 101, 'stdapi_ui_get_idle_time' => COMMAND_ID_START_STDAPI + 102, 'stdapi_ui_get_keys_utf8' => COMMAND_ID_START_STDAPI + 103, 'stdapi_ui_send_keyevent' => COMMAND_ID_START_STDAPI + 104, 'stdapi_ui_send_keys' => COMMAND_ID_START_STDAPI + 105, 'stdapi_ui_send_mouse' => COMMAND_ID_START_STDAPI + 106, 'stdapi_ui_start_keyscan' => COMMAND_ID_START_STDAPI + 107, 'stdapi_ui_stop_keyscan' => COMMAND_ID_START_STDAPI + 108, 'stdapi_ui_unlock_desktop' => COMMAND_ID_START_STDAPI + 109, 'stdapi_webcam_audio_record' => COMMAND_ID_START_STDAPI + 110, 'stdapi_webcam_get_frame' => COMMAND_ID_START_STDAPI + 111, 'stdapi_webcam_list' => COMMAND_ID_START_STDAPI + 112, 'stdapi_webcam_start' => COMMAND_ID_START_STDAPI + 113, 'stdapi_webcam_stop' => COMMAND_ID_START_STDAPI + 114, }
- COMMAND_ID_MAP_ANDROID =
{ 'android_activity_start' => COMMAND_ID_START_ANDROID + 1, 'android_check_root' => COMMAND_ID_START_ANDROID + 2, 'android_device_shutdown' => COMMAND_ID_START_ANDROID + 3, 'android_dump_calllog' => COMMAND_ID_START_ANDROID + 4, 'android_dump_contacts' => COMMAND_ID_START_ANDROID + 5, 'android_dump_sms' => COMMAND_ID_START_ANDROID + 6, 'android_geolocate' => COMMAND_ID_START_ANDROID + 7, 'android_hide_app_icon' => COMMAND_ID_START_ANDROID + 8, 'android_interval_collect' => COMMAND_ID_START_ANDROID + 9, 'android_send_sms' => COMMAND_ID_START_ANDROID + 10, 'android_set_audio_mode' => COMMAND_ID_START_ANDROID + 11, 'android_set_wallpaper' => COMMAND_ID_START_ANDROID + 12, 'android_sqlite_query' => COMMAND_ID_START_ANDROID + 13, 'android_wakelock' => COMMAND_ID_START_ANDROID + 14, 'android_wlan_geolocate' => COMMAND_ID_START_ANDROID + 15, }
- COMMAND_ID_MAP_APPAPI =
{ 'appapi_app_install' => COMMAND_ID_START_APPAPI + 1, 'appapi_app_list' => COMMAND_ID_START_APPAPI + 2, 'appapi_app_run' => COMMAND_ID_START_APPAPI + 3, 'appapi_app_uninstall' => COMMAND_ID_START_APPAPI + 4, }
- COMMAND_ID_MAP_WINPMEM =
{ 'winpmem_dump_ram' => COMMAND_ID_START_WINPMEM + 1, }
- COMMAND_ID_MAP_ESPIA =
{ 'espia_image_get_dev_screen' => COMMAND_ID_START_ESPIA + 1, }
- COMMAND_ID_MAP_EXTAPI =
{ 'extapi_adsi_domain_query' => COMMAND_ID_START_EXTAPI + 1, 'extapi_clipboard_get_data' => COMMAND_ID_START_EXTAPI + 2, 'extapi_clipboard_monitor_dump' => COMMAND_ID_START_EXTAPI + 3, 'extapi_clipboard_monitor_pause' => COMMAND_ID_START_EXTAPI + 4, 'extapi_clipboard_monitor_purge' => COMMAND_ID_START_EXTAPI + 5, 'extapi_clipboard_monitor_resume' => COMMAND_ID_START_EXTAPI + 6, 'extapi_clipboard_monitor_start' => COMMAND_ID_START_EXTAPI + 7, 'extapi_clipboard_monitor_stop' => COMMAND_ID_START_EXTAPI + 8, 'extapi_clipboard_set_data' => COMMAND_ID_START_EXTAPI + 9, 'extapi_ntds_parse' => COMMAND_ID_START_EXTAPI + 10, 'extapi_pageant_send_query' => COMMAND_ID_START_EXTAPI + 11, 'extapi_service_control' => COMMAND_ID_START_EXTAPI + 12, 'extapi_service_enum' => COMMAND_ID_START_EXTAPI + 13, 'extapi_service_query' => COMMAND_ID_START_EXTAPI + 14, 'extapi_window_enum' => COMMAND_ID_START_EXTAPI + 15, 'extapi_wmi_query' => COMMAND_ID_START_EXTAPI + 16, }
- COMMAND_ID_MAP_INCOGNITO =
{ 'incognito_add_group_user' => COMMAND_ID_START_INCOGNITO + 1, 'incognito_add_localgroup_user' => COMMAND_ID_START_INCOGNITO + 2, 'incognito_add_user' => COMMAND_ID_START_INCOGNITO + 3, 'incognito_impersonate_token' => COMMAND_ID_START_INCOGNITO + 4, 'incognito_list_tokens' => COMMAND_ID_START_INCOGNITO + 5, 'incognito_snarf_hashes' => COMMAND_ID_START_INCOGNITO + 6, }
- COMMAND_ID_MAP_KIWI =
{ 'kiwi_exec_cmd' => COMMAND_ID_START_KIWI + 1, }
- COMMAND_ID_MAP_LANATTACKS =
{ 'lanattacks_add_tftp_file' => COMMAND_ID_START_LANATTACKS + 1, 'lanattacks_dhcp_log' => COMMAND_ID_START_LANATTACKS + 2, 'lanattacks_reset_dhcp' => COMMAND_ID_START_LANATTACKS + 3, 'lanattacks_reset_tftp' => COMMAND_ID_START_LANATTACKS + 4, 'lanattacks_set_dhcp_option' => COMMAND_ID_START_LANATTACKS + 5, 'lanattacks_start_dhcp' => COMMAND_ID_START_LANATTACKS + 6, 'lanattacks_start_tftp' => COMMAND_ID_START_LANATTACKS + 7, 'lanattacks_stop_dhcp' => COMMAND_ID_START_LANATTACKS + 8, 'lanattacks_stop_tftp' => COMMAND_ID_START_LANATTACKS + 9, }
- COMMAND_ID_MAP_MIMIKATZ =
{ 'mimikatz_custom_command' => COMMAND_ID_START_MIMIKATZ + 1, }
- COMMAND_ID_MAP_NETWORKPUG =
{ 'networkpug_start' => COMMAND_ID_START_NETWORKPUG + 1, 'networkpug_stop' => COMMAND_ID_START_NETWORKPUG + 2, }
- COMMAND_ID_MAP_PEINJECTOR =
{ 'peinjector_inject_shellcode' => COMMAND_ID_START_PEINJECTOR + 1, }
- COMMAND_ID_MAP_POWERSHELL =
{ 'powershell_assembly_load' => COMMAND_ID_START_POWERSHELL + 1, 'powershell_execute' => COMMAND_ID_START_POWERSHELL + 2, 'powershell_session_remove' => COMMAND_ID_START_POWERSHELL + 3, 'powershell_shell' => COMMAND_ID_START_POWERSHELL + 4, }
- COMMAND_ID_MAP_PRIV =
{ 'priv_elevate_getsystem' => COMMAND_ID_START_PRIV + 1, 'priv_fs_blank_directory_mace' => COMMAND_ID_START_PRIV + 2, 'priv_fs_blank_file_mace' => COMMAND_ID_START_PRIV + 3, 'priv_fs_get_file_mace' => COMMAND_ID_START_PRIV + 4, 'priv_fs_set_file_mace' => COMMAND_ID_START_PRIV + 5, 'priv_fs_set_file_mace_from_file' => COMMAND_ID_START_PRIV + 6, 'priv_passwd_get_sam_hashes' => COMMAND_ID_START_PRIV + 7, }
- COMMAND_ID_MAP_PYTHON =
{ 'python_execute' => COMMAND_ID_START_PYTHON + 1, 'python_reset' => COMMAND_ID_START_PYTHON + 2, }
- COMMAND_ID_MAP_SNIFFER =
{ 'sniffer_capture_dump' => COMMAND_ID_START_SNIFFER + 1, 'sniffer_capture_dump_read' => COMMAND_ID_START_SNIFFER + 2, 'sniffer_capture_release' => COMMAND_ID_START_SNIFFER + 3, 'sniffer_capture_start' => COMMAND_ID_START_SNIFFER + 4, 'sniffer_capture_stats' => COMMAND_ID_START_SNIFFER + 5, 'sniffer_capture_stop' => COMMAND_ID_START_SNIFFER + 6, 'sniffer_interfaces' => COMMAND_ID_START_SNIFFER + 7, }
- COMMAND_ID_MAP_UNHOOK =
{ 'unhook_pe' => COMMAND_ID_START_UNHOOK + 1, }
- COMMAND_ID_MAP =
[ COMMAND_ID_MAP_CORE, COMMAND_ID_MAP_STDAPI, COMMAND_ID_MAP_PRIV, COMMAND_ID_MAP_EXTAPI, COMMAND_ID_MAP_SNIFFER, COMMAND_ID_MAP_ANDROID, COMMAND_ID_MAP_NETWORKPUG, COMMAND_ID_MAP_WINPMEM, COMMAND_ID_MAP_KIWI, COMMAND_ID_MAP_APPAPI, COMMAND_ID_MAP_UNHOOK, COMMAND_ID_MAP_ESPIA, COMMAND_ID_MAP_INCOGNITO, COMMAND_ID_MAP_PYTHON, COMMAND_ID_MAP_POWERSHELL, COMMAND_ID_MAP_LANATTACKS, COMMAND_ID_MAP_PEINJECTOR, COMMAND_ID_MAP_MIMIKATZ, ].inject({}) {|m1, m2| m1.merge(m2)}
- CHANNEL_CLASS_STREAM =
The various types of channels
1
- CHANNEL_CLASS_DATAGRAM =
2
- CHANNEL_CLASS_POOL =
3
- CHANNEL_FLAG_SYNCHRONOUS =
The various flags that can affect how the channel operates
CHANNEL_FLAG_SYNCHRONOUS: specifies that I/O requests on the channel are blocking. CHANNEL_FLAG_COMPRESS: specifies that I/O requests on the channel have their data zlib-compressed.
(1 << 0)
- CHANNEL_FLAG_COMPRESS =
(1 << 1)
- CHANNEL_DIO_READ =
The core types of direct I/O requests
'read'
- CHANNEL_DIO_WRITE =
'write'
- CHANNEL_DIO_CLOSE =
'close'
- COMMAND_ID_RANGE =
Effectively maps to the number of commands an extension can have. Each extension ID starts at a range boundary and is used to identify extensions.
1000
- EXTENSION_ID_CORE =
ID for the extension (needs to be a multiple of 1000)
0
- COMMAND_ID_CORE_CHANNEL_CLOSE =
EXTENSION_ID_CORE + 1
- COMMAND_ID_CORE_CHANNEL_EOF =
EXTENSION_ID_CORE + 2
- COMMAND_ID_CORE_CHANNEL_INTERACT =
EXTENSION_ID_CORE + 3
- COMMAND_ID_CORE_CHANNEL_OPEN =
EXTENSION_ID_CORE + 4
- COMMAND_ID_CORE_CHANNEL_READ =
EXTENSION_ID_CORE + 5
- COMMAND_ID_CORE_CHANNEL_SEEK =
EXTENSION_ID_CORE + 6
- COMMAND_ID_CORE_CHANNEL_TELL =
EXTENSION_ID_CORE + 7
- COMMAND_ID_CORE_CHANNEL_WRITE =
EXTENSION_ID_CORE + 8
- COMMAND_ID_CORE_CONSOLE_WRITE =
EXTENSION_ID_CORE + 9
- COMMAND_ID_CORE_ENUMEXTCMD =
EXTENSION_ID_CORE + 10
- COMMAND_ID_CORE_GET_SESSION_GUID =
EXTENSION_ID_CORE + 11
- COMMAND_ID_CORE_LOADLIB =
EXTENSION_ID_CORE + 12
- COMMAND_ID_CORE_MACHINE_ID =
EXTENSION_ID_CORE + 13
- COMMAND_ID_CORE_MIGRATE =
EXTENSION_ID_CORE + 14
- COMMAND_ID_CORE_NATIVE_ARCH =
EXTENSION_ID_CORE + 15
- COMMAND_ID_CORE_NEGOTIATE_TLV_ENCRYPTION =
EXTENSION_ID_CORE + 16
- COMMAND_ID_CORE_PATCH_URL =
EXTENSION_ID_CORE + 17
- COMMAND_ID_CORE_PIVOT_ADD =
EXTENSION_ID_CORE + 18
- COMMAND_ID_CORE_PIVOT_REMOVE =
EXTENSION_ID_CORE + 19
- COMMAND_ID_CORE_PIVOT_SESSION_DIED =
EXTENSION_ID_CORE + 20
- COMMAND_ID_CORE_SET_SESSION_GUID =
EXTENSION_ID_CORE + 21
- COMMAND_ID_CORE_SET_UUID =
EXTENSION_ID_CORE + 22
- COMMAND_ID_CORE_SHUTDOWN =
EXTENSION_ID_CORE + 23
- COMMAND_ID_CORE_TRANSPORT_ADD =
EXTENSION_ID_CORE + 24
- COMMAND_ID_CORE_TRANSPORT_CHANGE =
EXTENSION_ID_CORE + 25
- COMMAND_ID_CORE_TRANSPORT_GETCERTHASH =
EXTENSION_ID_CORE + 26
- COMMAND_ID_CORE_TRANSPORT_LIST =
EXTENSION_ID_CORE + 27
- COMMAND_ID_CORE_TRANSPORT_NEXT =
EXTENSION_ID_CORE + 28
- COMMAND_ID_CORE_TRANSPORT_PREV =
EXTENSION_ID_CORE + 29
- COMMAND_ID_CORE_TRANSPORT_REMOVE =
EXTENSION_ID_CORE + 30
- COMMAND_ID_CORE_TRANSPORT_SETCERTHASH =
EXTENSION_ID_CORE + 31
- COMMAND_ID_CORE_TRANSPORT_SET_TIMEOUTS =
EXTENSION_ID_CORE + 32
- COMMAND_ID_CORE_TRANSPORT_SLEEP =
EXTENSION_ID_CORE + 33
Class Method Summary collapse
- .command_id_to_method_string(method_int) ⇒ Object
- .generate_command_id_map_c ⇒ Object
- .generate_command_id_map_csharp ⇒ Object
- .generate_command_id_map_java ⇒ Object
- .generate_command_id_map_php ⇒ Object
- .generate_command_id_map_php_lib(lib, id_map) ⇒ Object
- .generate_command_id_map_python ⇒ Object
- .generate_command_id_map_python_extension ⇒ Object
- .method_string_to_command_id(method_string) ⇒ Object
Class Method Details
.command_id_to_method_string(method_int) ⇒ Object
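# File 'lib/rex/post/meterpreter/packet.rb', line 620

# Translates a numeric command ID back into the name it is registered under.
#
# @param method_int [Integer] command ID to look up among COMMAND_ID_MAP's values
# @return [Object] the COMMAND_ID_MAP key whose value equals +method_int+
#   (presumably the method-name string; confirm against the map's definition)
# @raise [ArgumentError] when no entry of COMMAND_ID_MAP carries that value
def self.command_id_to_method_string(method_int)
  # Hash#key is the reverse (value -> key) lookup and yields nil on a miss.
  method_name = COMMAND_ID_MAP.key(method_int)

  if method_name.nil?
    # The message previously interpolated nothing (`#{}`), so the rejected ID
    # never reached the operator or the logs. #inspect keeps nil and
    # non-Integer input visible instead of rendering it as an empty string.
    raise ArgumentError, "Unknown Packet command method integer: #{method_int.inspect}, please report this to the Metasploit team."
  end

  method_name
end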
.generate_command_id_map_c ⇒ Object
# File 'lib/rex/post/meterpreter/packet.rb', line 460

# Builds the text of a C header (named common_command_ids.h in its own banner)
# with one `#define COMMAND_ID_<NAME> <id>` line per command.
#
# The banner embeds Time.now.utc, so two runs never produce identical text.
#
# NOTE(review): this listing was recovered from a page that collapsed
# whitespace, so the template's line breaks are restored by hand. Compare with
# packet.rb before relying on byte-exact output.
#
# @return [String] the generated header text
def self.generate_command_id_map_c
  # Fold the per-extension maps into one hash. On a duplicate key the map
  # listed later wins, exactly as with chained Hash#merge.
  merged_ids = [
    COMMAND_ID_MAP_CORE,
    COMMAND_ID_MAP_STDAPI,
    COMMAND_ID_MAP_PRIV,
    COMMAND_ID_MAP_EXTAPI,
    COMMAND_ID_MAP_SNIFFER,
    COMMAND_ID_MAP_WINPMEM,
    COMMAND_ID_MAP_KIWI,
    COMMAND_ID_MAP_UNHOOK,
    COMMAND_ID_MAP_ESPIA,
    COMMAND_ID_MAP_INCOGNITO,
    COMMAND_ID_MAP_PYTHON,
    COMMAND_ID_MAP_POWERSHELL,
    COMMAND_ID_MAP_LANATTACKS,
    COMMAND_ID_MAP_PEINJECTOR,
    COMMAND_ID_MAP_MIMIKATZ,
  ].reduce({}, :merge)

  define_lines = merged_ids.map do |name, id|
    "#define COMMAND_ID_#{name.upcase} #{id}"
  end

  %Q^
/*!
 * @file common_command_ids.h
 * @brief Declarations of command ID values
 * @description This file was generated #{Time.now.utc}. Do not modify directly.
 */
#ifndef _METERPRETER_SOURCE_COMMON_COMMAND_IDS_H
#define _METERPRETER_SOURCE_COMMON_COMMAND_IDS_H
#{define_lines.join("\n")}
#endif
  ^
end
.generate_command_id_map_csharp ⇒ Object
# File 'lib/rex/post/meterpreter/packet.rb', line 579

# Builds the text of a C# `CommandId` enum in namespace
# MSF.Powershell.Meterpreter, one `<PascalCaseName> = <id>,` member per command.
#
# The banner embeds Time.now.utc, so two runs never produce identical text.
#
# NOTE(review): this listing was recovered from a page that collapsed
# whitespace, so the template's line breaks and the separator passed to #join
# may differ from packet.rb. Compare before relying on byte-exact output.
#
# @return [String] the generated C# source text
def self.generate_command_id_map_csharp
  # Fold the per-extension maps into one hash. On a duplicate key the map
  # listed later wins, exactly as with chained Hash#merge.
  merged_ids = [
    COMMAND_ID_MAP_CORE,
    COMMAND_ID_MAP_STDAPI,
    COMMAND_ID_MAP_PRIV,
    COMMAND_ID_MAP_EXTAPI,
    COMMAND_ID_MAP_SNIFFER,
    COMMAND_ID_MAP_WINPMEM,
    COMMAND_ID_MAP_KIWI,
    COMMAND_ID_MAP_UNHOOK,
    COMMAND_ID_MAP_ESPIA,
    COMMAND_ID_MAP_INCOGNITO,
    COMMAND_ID_MAP_PYTHON,
    COMMAND_ID_MAP_POWERSHELL,
    COMMAND_ID_MAP_LANATTACKS,
    COMMAND_ID_MAP_PEINJECTOR,
    COMMAND_ID_MAP_MIMIKATZ,
  ].reduce({}, :merge)

  enum_members = merged_ids.map do |name, id|
    # snake_case -> PascalCase: "core_channel_close" becomes "CoreChannelClose".
    pascal_name = name.split('_').map(&:capitalize).join
    "#{pascal_name} = #{id},"
  end

  %Q^
/// <summary>
// This content was generated by a tool @ #{Time.now.utc}
/// </summary>
namespace MSF.Powershell.Meterpreter
{
public enum CommandId
{
#{enum_members.join("\n ")}
}
}
  ^
end
.generate_command_id_map_java ⇒ Object
# File 'lib/rex/post/meterpreter/packet.rb', line 495

# Builds the text of a Java `CommandId` interface in package
# com.metasploit.meterpreter.command, one `public static final int` constant
# per command. Only the CORE and STDAPI maps are included.
#
# The banner embeds Time.now.utc, so two runs never produce identical text.
#
# NOTE(review): this listing was recovered from a page that collapsed
# whitespace, so the template's line breaks and the constants' leading
# indentation may differ from packet.rb. Compare before relying on byte-exact
# output. "Genereated" is misspelled in the emitted Javadoc; it is runtime
# output, so it is reproduced here unchanged.
#
# @return [String] the generated Java source text
def self.generate_command_id_map_java
  # STDAPI entries win over CORE entries on a duplicate key (Hash#merge).
  merged_ids = [
    COMMAND_ID_MAP_CORE,
    COMMAND_ID_MAP_STDAPI,
  ].reduce({}, :merge)

  constant_lines = merged_ids.map do |name, id|
    " public static final int #{name.upcase} = #{id};"
  end

  %Q^
package com.metasploit.meterpreter.command;
/**
 * All supported Command Identifiers
 *
 * @author Genereated by a tool @ #{Time.now.utc}
 */
public interface CommandId {
#{constant_lines.join("\n")}
}
  ^
end
.generate_command_id_map_php ⇒ Object
# File 'lib/rex/post/meterpreter/packet.rb', line 526

# Builds the PHP command ID text: the 'metsrv' section (CORE map) followed by
# the 'stdapi' section (STDAPI map), each rendered by
# generate_command_id_map_php_lib.
#
# NOTE(review): this listing was recovered from a page that collapsed
# whitespace, so the line breaks between the two sections are restored by
# hand. Compare with packet.rb before relying on byte-exact output.
#
# @return [String] both generated sections as one string
def self.generate_command_id_map_php
  # Rendered in the same order the template interpolates them.
  metsrv_section = generate_command_id_map_php_lib('metsrv', COMMAND_ID_MAP_CORE)
  stdapi_section = generate_command_id_map_php_lib('stdapi', COMMAND_ID_MAP_STDAPI)

  %Q^
#{metsrv_section}
#{stdapi_section}
  ^
end
.generate_command_id_map_php_lib(lib, id_map) ⇒ Object
# File 'lib/rex/post/meterpreter/packet.rb', line 515

# Renders one PHP section: a banner, an "IDs for <lib>" line, and one
# `define('COMMAND_ID_<NAME>', <id>);` statement per entry of +id_map+.
#
# +lib+ and the map's keys and values are written into the PHP text without
# escaping. The only caller visible here passes fixed literals and project
# constants; anything else would need quoting before it is interpolated.
#
# NOTE(review): this listing was recovered from a page that collapsed
# whitespace, so the template's line breaks are restored by hand. Compare with
# packet.rb before relying on byte-exact output.
#
# @param lib [String] label printed in the section banner
# @param id_map [Hash] command name => numeric ID
# @return [String] the generated PHP section, stamped with Time.now.utc
def self.generate_command_id_map_php_lib(lib, id_map)
  define_statements = id_map.map do |name, id|
    "define('COMMAND_ID_#{name.upcase}', #{id});"
  end

  %Q^
# ---------------------------------------------------------------
# --- THIS CONTENT WAS GENERATED BY A TOOL @ #{Time.now.utc}
# IDs for #{lib}
#{define_statements.join("\n")}
# ---------------------------------------------------------------
  ^
end
.generate_command_id_map_python ⇒ Object
# File 'lib/rex/post/meterpreter/packet.rb', line 534

# Builds the text of a Python `COMMAND_IDS` tuple holding one
# `(<id>, '<name>'),` pair per command. Only the CORE and STDAPI maps are
# included.
#
# The banner embeds Time.now.utc, so two runs never produce identical text.
#
# NOTE(review): this listing was recovered from a page that collapsed
# whitespace, so the template's line breaks and the pairs' leading indentation
# may differ from packet.rb. Compare before relying on byte-exact output.
#
# @return [String] the generated Python source text
def self.generate_command_id_map_python
  # STDAPI entries win over CORE entries on a duplicate key (Hash#merge).
  merged_ids = [
    COMMAND_ID_MAP_CORE,
    COMMAND_ID_MAP_STDAPI,
  ].reduce({}, :merge)

  tuple_rows = merged_ids.map do |name, id|
    " (#{id}, '#{name.downcase}'),"
  end

  %Q^
# ---------------------------------------------------------------
# --- THIS CONTENT WAS GENERATED BY A TOOL @ #{Time.now.utc}
COMMAND_IDS = (
#{tuple_rows.join("\n")}
)
# ---------------------------------------------------------------
  ^
end
.generate_command_id_map_python_extension ⇒ Object
# File 'lib/rex/post/meterpreter/packet.rb', line 550

# Builds Python text with one `COMMAND_ID_<NAME> = <id>` assignment per
# command, wrapped in a generated-content banner.
#
# The banner embeds Time.now.utc, so two runs never produce identical text.
#
# NOTE(review): this listing was recovered from a page that collapsed
# whitespace, so the template's line breaks are restored by hand. Compare with
# packet.rb before relying on byte-exact output.
#
# @return [String] the generated Python source text
def self.generate_command_id_map_python_extension
  # Fold the per-extension maps into one hash. On a duplicate key the map
  # listed later wins, exactly as with chained Hash#merge.
  merged_ids = [
    COMMAND_ID_MAP_CORE,
    COMMAND_ID_MAP_STDAPI,
    COMMAND_ID_MAP_PRIV,
    COMMAND_ID_MAP_EXTAPI,
    COMMAND_ID_MAP_SNIFFER,
    COMMAND_ID_MAP_WINPMEM,
    COMMAND_ID_MAP_KIWI,
    COMMAND_ID_MAP_UNHOOK,
    COMMAND_ID_MAP_ESPIA,
    COMMAND_ID_MAP_INCOGNITO,
    COMMAND_ID_MAP_PYTHON,
    COMMAND_ID_MAP_POWERSHELL,
    COMMAND_ID_MAP_LANATTACKS,
    COMMAND_ID_MAP_PEINJECTOR,
    COMMAND_ID_MAP_MIMIKATZ,
  ].reduce({}, :merge)

  assignments = merged_ids.map do |name, id|
    "COMMAND_ID_#{name.upcase} = #{id}"
  end

  %Q^
# ---------------------------------------------------------------
# --- THIS CONTENT WAS GENERATED BY A TOOL @ #{Time.now.utc}
#{assignments.join("\n")}
# ---------------------------------------------------------------
  ^
end
.method_string_to_command_id(method_string) ⇒ Object
# File 'lib/rex/post/meterpreter/packet.rb', line 612

# Translates a command's method-name string into its numeric command ID.
#
# @param method_string [Object] key to look up in COMMAND_ID_MAP
#   (presumably a String such as the names used by the generators)
# @return [Object] the value COMMAND_ID_MAP stores under +method_string+
# @raise [ArgumentError] when COMMAND_ID_MAP has no such key
def self.method_string_to_command_id(method_string)
  # Known name: hand back the mapped ID straight away.
  return COMMAND_ID_MAP[method_string] if COMMAND_ID_MAP.include?(method_string)

  # Unknown names are rejected loudly rather than mapped to nil.
  raise ArgumentError, "Unknown Packet command method string: #{method_string}, please report this to the Metasploit team."
end