Documentation
¶
Index ¶
- Constants
- Variables
- func RunCommand(command string, arguments string, cwd string) (stdout []byte, stderr []byte, err error)
- func RunShellCommand(arguments string, cwd string) (stdout []byte, stderr []byte, err error)
- type BrowserScript
- type BuildParameter
- type BuildParameterDictionary
- type BuildParameterType
- type BuildStep
- type C2ParameterDictionary
- type Command
- type CommandAttribute
- type CommandParameter
- type CommandParameterType
- type FileBrowserTask
- type OPSEC_ROLE
- type PAYLOAD_BUILD_STATUS
- type PTRPCDynamicQueryFunctionMessage
- type PTRPCDynamicQueryFunctionMessageResponse
- type PTRPCOtherServiceRPCMessage
- type PTRPCOtherServiceRPCMessageResponse
- type PTRPCReSyncMessage
- type PTRPCReSyncMessageResponse
- type PTTTaskOPSECPreTaskMessageResponse
- type PTTaskCompletionFunction
- type PTTaskCompletionFunctionMessage
- type PTTaskCompletionFunctionMessageResponse
- type PTTaskCreateTaskingMessageResponse
- type PTTaskMessageAllData
- type PTTaskMessageArgsData
- func (arg *PTTaskMessageArgsData) AddArg(newArg CommandParameter) error
- func (arg *PTTaskMessageArgsData) GetArg(name string) (interface{}, error)
- func (arg *PTTaskMessageArgsData) GetBooleanArg(name string) (bool, error)
- func (arg *PTTaskMessageArgsData) GetCommandLine() string
- func (arg *PTTaskMessageArgsData) GetDictionaryArg(name string) (map[string]interface{}, error)
- func (arg *PTTaskMessageArgsData) GetFinalArgs() (string, error)
- func (arg *PTTaskMessageArgsData) GetNumberArg(name string) (float64, error)
- func (arg *PTTaskMessageArgsData) GetParameterGroupArguments() ([]CommandParameter, error)
- func (arg *PTTaskMessageArgsData) GetParameterGroupName() (string, error)
- func (arg *PTTaskMessageArgsData) GetRawCommandLine() string
- func (arg *PTTaskMessageArgsData) GetStringArg(name string) (string, error)
- func (arg *PTTaskMessageArgsData) GetTaskingLocation() string
- func (arg *PTTaskMessageArgsData) HasArg(name string) bool
- func (arg *PTTaskMessageArgsData) LoadArgsFromDictionary(dictionaryArgs map[string]interface{}) error
- func (arg *PTTaskMessageArgsData) LoadArgsFromJSONString(stringArgs string) error
- func (arg *PTTaskMessageArgsData) RemoveArg(name string) error
- func (arg *PTTaskMessageArgsData) RenameArg(oldName string, newName string) error
- func (arg *PTTaskMessageArgsData) SetArgValue(name string, value interface{}) error
- func (arg *PTTaskMessageArgsData) SetManualArgs(args string)
- func (arg *PTTaskMessageArgsData) VerifyRequiredArgsHaveValues() (bool, error)
- type PTTaskMessageCallbackData
- type PTTaskMessagePayloadData
- type PTTaskMessageTaskData
- type PTTaskOPSECPostTaskMessageResponse
- type PTTaskProcessResponseMessageResponse
- type PTTaskingDynamicQueryFunction
- type PT_TASK_FUNCTION_STATUS
- type ParameterGroupInfo
- type PayloadBuildC2Profile
- type PayloadBuildC2ProfileMessage
- type PayloadBuildC2ProfileMessageResponse
- type PayloadBuildMessage
- type PayloadBuildResponse
- type PayloadConfiguration
- type PayloadConfigurationBuildParameter
- type PayloadConfigurationC2Profile
- type PayloadType
- type PayloadTypeSyncMessage
- type PayloadTypeSyncMessageResponse
- type PtTaskFunctionCreateTasking
- type PtTaskFunctionOPSECPost
- type PtTaskFunctionOPSECPre
- type PtTaskFunctionParseArgDictionary
- type PtTaskFunctionParseArgString
- type PtTaskFunctionProcessResponse
- type PtTaskProcessResponseMessage
- type RabbitmqDirectMethod
- type RabbitmqRPCMethod
- type SubtaskGroupName
Constants ¶
View Source
const ( SUPPORTED_OS_MACOS = "macOS" SUPPORTED_OS_WINDOWS = "windows" SUPPORTED_OS_LINUX = "linux" SUPPORTED_OS_CHROME = "chrome" )
View Source
const ( BUILD_PARAMETER_TYPE_STRING BuildParameterType = "String" BUILD_PARAMETER_TYPE_BOOLEAN = "Boolean" BUILD_PARAMETER_TYPE_CHOOSE_ONE = "ChooseOne" BUILD_PARAMETER_TYPE_CHOOSE_MULTIPLE = "ChooseMultiple" BUILD_PARAMETER_TYPE_DATE = "Date" BUILD_PARAMETER_TYPE_DICTIONARY = "Dictionary" BUILD_PARAMETER_TYPE_ARRAY = "Array" BUILD_PARAMETER_TYPE_NUMBER = "Number" )
View Source
const ( COMMAND_PARAMETER_TYPE_STRING CommandParameterType = "String" COMMAND_PARAMETER_TYPE_BOOLEAN = "Boolean" COMMAND_PARAMETER_TYPE_CHOOSE_ONE = "ChooseOne" COMMAND_PARAMETER_TYPE_CHOOSE_MULTIPLE = "ChooseMultiple" COMMAND_PARAMETER_TYPE_FILE = "File" COMMAND_PARAMETER_TYPE_ARRAY = "Array" COMMAND_PARAMETER_TYPE_CREDENTIAL = "CredentialJson" COMMAND_PARAMETER_TYPE_NUMBER = "Number" COMMAND_PARAMETER_TYPE_PAYLOAD_LIST = "PayloadList" COMMAND_PARAMETER_TYPE_CONNECTION_INFO = "AgentConnect" COMMAND_PARAMETER_TYPE_LINK_INFO = "LinkInfo" )
View Source
const ( PT_TASK_FUNCTION_STATUS_OPSEC_PRE PT_TASK_FUNCTION_STATUS = "OPSEC Pre Check Running..." PT_TASK_FUNCTION_STATUS_OPSEC_PRE_ERROR = "Error: OPSEC Pre Check" PT_TASK_FUNCTION_STATUS_OPSEC_PRE_BLOCKED = "OPSEC Pre Block Hit" PT_TASK_FUNCTION_STATUS_PREPROCESSING = "preprocessing" PT_TASK_FUNCTION_STATUS_PREPROCESSING_ERROR = "Error: preprocessing" PT_TASK_FUNCTION_STATUS_OPSEC_POST = "OPSEC Post Check Running..." PT_TASK_FUNCTION_STATUS_OPSEC_POST_ERROR = "Error: OPSEC Post Check" PT_TASK_FUNCTION_STATUS_OPSEC_POST_BLOCKED = "OPSEC Post Block Hit" PT_TASK_FUNCTION_STATUS_SUBMITTED = "submitted" PT_TASK_FUNCTION_STATUS_COMPLETION_FUNCTION = "Completion Function Running..." PT_TASK_FUNCTION_STATUS_COMPLETION_FUNCTION_ERROR = "Error: Completion Function" PT_TASK_FUNCTION_STATUS_SUBTASK_COMPLETED_FUNCTION = "SubTask Completion Function Running..." PT_TASK_FUNCTION_STATUS_SUBTASK_COMPLETED_FUNCTION_ERROR = "Error: Subtask Completion Function" PT_TASK_FUNCTION_STATUS_GROUP_COMPLETED_FUNCTION = "Group Completion Function Running..." PT_TASK_FUNCTION_STATUS_GROUP_COMPLETED_FUNCTION_ERROR = "Error: Group Completion Function" PT_TASK_FUNCTION_STATUS_PROCESS_RESPONSE_FUNCTION = "Task Processing Response Manually..." PT_TASK_FUNCTION_STATUS_COMPLETED = "completed" )
View Source
const ( OPSEC_ROLE_LEAD OPSEC_ROLE = "lead" OPSEC_ROLE_OPERATOR = "operator" OPSEC_ROLE_OTHER_OPERATOR = "other_operator" )
Variables ¶
View Source
var (
AllPayloadData containerPayloadData
)
Functions ¶
func RunCommand ¶
Types ¶
type BrowserScript ¶
type BuildParameter ¶
type BuildParameter struct {
Name string `json:"name"`
Description string `json:"description"`
Required bool `json:"required"`
VerifierRegex string `json:"verifier_regex"`
DefaultValue interface{} `json:"default_value"`
ParameterType BuildParameterType `json:"parameter_type"`
FormatString string `json:"format_string"`
Randomize bool `json:"randomize"`
IsCryptoType bool `json:"crypto_type"`
Choices []string `json:"choices"`
DictionaryChoices []BuildParameterDictionary `json:"dictionary_choices"`
}
type BuildParameterDictionary ¶
type BuildParameterDictionary C2ParameterDictionary
type BuildParameterType ¶
type BuildParameterType = string
type C2ParameterDictionary ¶
type Command ¶
type Command struct {
Name string `json:"name"`
NeedsAdminPermissions bool `json:"needs_admin_permissions"`
HelpString string `json:"help_string"`
Description string `json:"description"`
Version uint32 `json:"version"`
SupportedUIFeatures []string `json:"supported_ui_features"`
Author string `json:"author"`
MitreAttackMappings []string `json:"attack"`
ScriptOnlyCommand bool `json:"script_only"`
CommandAttributes CommandAttribute `json:"attributes"`
CommandParameters []CommandParameter `json:"parameters"`
AssociatedBrowserScript *BrowserScript `json:"browserscript,omitempty"`
TaskFunctionOPSECPre PtTaskFunctionOPSECPre `json:"-"`
TaskFunctionCreateTasking PtTaskFunctionCreateTasking `json:"-"`
TaskFunctionProcessResponse PtTaskFunctionProcessResponse `json:"-"`
TaskFunctionOPSECPost PtTaskFunctionOPSECPost `json:"-"`
TaskFunctionParseArgString PtTaskFunctionParseArgString `json:"-"`
TaskFunctionParseArgDictionary PtTaskFunctionParseArgDictionary `json:"-"`
TaskCompletionFunctions map[string]PTTaskCompletionFunction `json:"-"`
}
type CommandAttribute ¶
type CommandAttribute struct {
CommandIsInjectableIntoProcess bool `json:"spawn_and_injectable"`
SupportedOS []string `json:"supported_os"`
CommandIsBuiltin bool `json:"builtin"`
CommandIsSuggested bool `json:"suggested_command"`
CommandCanOnlyBeLoadedLater bool `json:"load_only"`
FilterCommandAvailabilityByAgentBuildParameters map[string]string `json:"filter_by_build_parameter"`
AdditionalAttributes map[string]string `json:"additional_items"`
}
type CommandParameter ¶
type CommandParameter struct {
Name string `json:"name"`
ModalDisplayName string `json:"display_name"`
CLIName string `json:"cli_name"`
ParameterType CommandParameterType `json:"parameter_type"`
Description string `json:"description"`
Choices []string `json:"choices"`
DefaultValue interface{} `json:"default_value"`
SupportedAgents []string `json:"supported_agents"`
SupportedAgentBuildParameters map[string]string `json:"supported_agent_build_parameters"`
ChoicesAreAllCommands bool `json:"choices_are_all_commands"`
ChoicesAreLoadedCommands bool `json:"choices_are_loaded_commands"`
FilterCommandChoicesByCommandAttributes map[string]string `json:"choice_filter_by_command_attributes"`
DynamicQueryFunction PTTaskingDynamicQueryFunction `json:"dynamic_query_function"`
ParameterGroupInformation []ParameterGroupInfo `json:"parameter_group_info"`
// contains filtered or unexported fields
}
func (*CommandParameter) GetCurrentValue ¶
func (cmd *CommandParameter) GetCurrentValue() interface{}
type CommandParameterType ¶
type CommandParameterType = string
type FileBrowserTask ¶
type OPSEC_ROLE ¶
type OPSEC_ROLE string
Tasking step 1: Task message/process before running create_tasking function
opportunity to run any necessary opsec checks/blocks before the logic in create_tasking runs which can spawn subtasks outside of the opsec checks
type PAYLOAD_BUILD_STATUS ¶
type PAYLOAD_BUILD_STATUS = string
const ( PAYLOAD_BUILD_STATUS_SUCCESS PAYLOAD_BUILD_STATUS = "success" PAYLOAD_BUILD_STATUS_ERROR = "error" )
type PTRPCReSyncMessage ¶
type PTRPCReSyncMessage struct {
Name string `json:"payload_type"`
}
type PTTTaskOPSECPreTaskMessageResponse ¶
type PTTTaskOPSECPreTaskMessageResponse struct {
TaskID int `json:"task_id"`
Success bool `json:"success"`
Error string `json:"error"`
OpsecPreBlocked bool `json:"opsec_pre_blocked"`
OpsecPreMessage string `json:"opsec_pre_message"`
OpsecPreBypassed *bool `json:"opsec_pre_bypassed,omitempty"`
OpsecPreBypassRole OPSEC_ROLE `json:"opsec_pre_bypass_role"`
}
type PTTaskCompletionFunction ¶
type PTTaskCompletionFunction func(*PTTaskMessageAllData, *PTTaskMessageAllData, *SubtaskGroupName) PTTaskCompletionFunctionMessageResponse
type PTTaskCompletionFunctionMessage ¶
type PTTaskCompletionFunctionMessage struct {
TaskData *PTTaskMessageAllData `json:"task"`
SubtaskData *PTTaskMessageAllData `json:"subtask,omitempty"`
SubtaskGroup *SubtaskGroupName `json:"subtask_group_name,omitempty"`
CompletionFunctionName string `json:"function_name"`
}
type PTTaskCompletionFunctionMessageResponse ¶
type PTTaskCompletionFunctionMessageResponse struct {
TaskID int `json:"task_id"`
ParentTaskId int `json:"parent_task_id"`
Success bool `json:"success"`
Error string `json:"error"`
TaskStatus *string `json:"task_status,omitempty"`
DisplayParams *string `json:"display_params,omitempty"`
Stdout *string `json:"stdout,omitempty"`
Stderr *string `json:"stderr,omitempty"`
Completed *bool `json:"completed,omitempty"`
TokenID *int `json:"token_id,omitempty"`
CompletionFunctionName *string `json:"completion_function_name,omitempty"`
Params *string `json:"params,omitempty"`
ParameterGroupName *string `json:"parameter_group_name,omitempty"`
}
type PTTaskCreateTaskingMessageResponse ¶
type PTTaskCreateTaskingMessageResponse struct {
// TaskID - the task associated with the create tasking function - this will be automatically filled in for you
TaskID int `json:"task_id"`
// Success - indicate if the create tasking function ran successfully or not
Success bool `json:"success"`
// Error - if you want to provide an error message about some error you hit while executing the create tasking
Error string `json:"error"`
// CommandName - if you want to change the associated command name that's sent down to the agent
CommandName *string `json:"command_name,omitempty"`
// TaskStatus - if you want to manually set the task status to be something other than default
TaskStatus *string `json:"task_status,omitempty"`
// DisplayParams - if you want to change the display parameters for your task to be something other than the default JSON
DisplayParams *string `json:"display_params,omitempty"`
// Stdout - Provide any task-based stdout
Stdout *string `json:"stdout,omitempty"`
// Stderr - Provide any task-based stderr
Stderr *string `json:"stderr,omitempty"`
// Completed - identify if the task is already completed and shouldn't be sent down to the agent
Completed *bool `json:"completed,omitempty"`
// TokenID - identifier for the token id associated with this task - normally doesn't need to be set unless you're changing it
TokenID *uint64 `json:"token_id,omitempty"`
// CompletionFunctionName - name of the completion function to call from the Command's TaskCompletionFunctions dictionary
CompletionFunctionName *string `json:"completion_function_name,omitempty"`
// ParameterGroupName - manually give the parameter group name instead of having Mythic determine it
ParameterGroupName string `json:"parameter_group_name"`
}
type PTTaskMessageAllData ¶
type PTTaskMessageAllData struct {
// Task - Read-only data about the task
Task PTTaskMessageTaskData `json:"task"`
// Callback - Read-only data about the callback
Callback PTTaskMessageCallbackData `json:"callback"`
// BuildParameters - Read-only data about the build parameters
BuildParameters []PayloadConfigurationBuildParameter `json:"build_parameters"`
// Commands - Read-only data about the commands built into the callback
Commands []string `json:"commands"`
// Payload - Read-only data about the backing payload for this task
Payload PTTaskMessagePayloadData `json:"payload"`
// C2Profiles - Read-only data about the c2 profiles and their values for this callback
C2Profiles []PayloadConfigurationC2Profile `json:"c2info"`
// PayloadType - Read-only the name of the payload type associated with this task
PayloadType string `json:"payload_type"`
// Args - Read-Write argument data for adding/removing/modifying args associated with this task instance.
// Mainly for create tasking function to augment parameters
Args PTTaskMessageArgsData
}
type PTTaskMessageArgsData ¶
type PTTaskMessageArgsData struct {
// contains filtered or unexported fields
}
PTTaskMessageArgsData - struct for tracking, adding, removing, updating, validating, etc arguments for a task. If you want to set your own manual arguments, use the .SetManualArgs function.
func GenerateArgsData ¶
func GenerateArgsData(cmdParams []CommandParameter, task PTTaskMessageAllData) (PTTaskMessageArgsData, error)
Args helper functions
func (*PTTaskMessageArgsData) AddArg ¶
func (arg *PTTaskMessageArgsData) AddArg(newArg CommandParameter) error
func (*PTTaskMessageArgsData) GetArg ¶
func (arg *PTTaskMessageArgsData) GetArg(name string) (interface{}, error)
func (*PTTaskMessageArgsData) GetBooleanArg ¶
func (arg *PTTaskMessageArgsData) GetBooleanArg(name string) (bool, error)
func (*PTTaskMessageArgsData) GetCommandLine ¶
func (arg *PTTaskMessageArgsData) GetCommandLine() string
func (*PTTaskMessageArgsData) GetDictionaryArg ¶
func (arg *PTTaskMessageArgsData) GetDictionaryArg(name string) (map[string]interface{}, error)
func (*PTTaskMessageArgsData) GetFinalArgs ¶
func (arg *PTTaskMessageArgsData) GetFinalArgs() (string, error)
func (*PTTaskMessageArgsData) GetNumberArg ¶
func (arg *PTTaskMessageArgsData) GetNumberArg(name string) (float64, error)
func (*PTTaskMessageArgsData) GetParameterGroupArguments ¶
func (arg *PTTaskMessageArgsData) GetParameterGroupArguments() ([]CommandParameter, error)
func (*PTTaskMessageArgsData) GetParameterGroupName ¶
func (arg *PTTaskMessageArgsData) GetParameterGroupName() (string, error)
func (*PTTaskMessageArgsData) GetRawCommandLine ¶
func (arg *PTTaskMessageArgsData) GetRawCommandLine() string
func (*PTTaskMessageArgsData) GetStringArg ¶
func (arg *PTTaskMessageArgsData) GetStringArg(name string) (string, error)
func (*PTTaskMessageArgsData) GetTaskingLocation ¶
func (arg *PTTaskMessageArgsData) GetTaskingLocation() string
func (*PTTaskMessageArgsData) HasArg ¶
func (arg *PTTaskMessageArgsData) HasArg(name string) bool
func (*PTTaskMessageArgsData) LoadArgsFromDictionary ¶
func (arg *PTTaskMessageArgsData) LoadArgsFromDictionary(dictionaryArgs map[string]interface{}) error
func (*PTTaskMessageArgsData) LoadArgsFromJSONString ¶
func (arg *PTTaskMessageArgsData) LoadArgsFromJSONString(stringArgs string) error
func (*PTTaskMessageArgsData) RemoveArg ¶
func (arg *PTTaskMessageArgsData) RemoveArg(name string) error
func (*PTTaskMessageArgsData) RenameArg ¶
func (arg *PTTaskMessageArgsData) RenameArg(oldName string, newName string) error
func (*PTTaskMessageArgsData) SetArgValue ¶
func (arg *PTTaskMessageArgsData) SetArgValue(name string, value interface{}) error
func (*PTTaskMessageArgsData) SetManualArgs ¶
func (arg *PTTaskMessageArgsData) SetManualArgs(args string)
func (*PTTaskMessageArgsData) VerifyRequiredArgsHaveValues ¶
func (arg *PTTaskMessageArgsData) VerifyRequiredArgsHaveValues() (bool, error)
type PTTaskMessageCallbackData ¶
type PTTaskMessageCallbackData struct {
ID int `json:"id"`
AgentCallbackID string `json:"agent_callback_id"`
InitCallback string `json:"init_callback"`
LastCheckin string `json:"last_checkin"`
User string `json:"user"`
Host string `json:"host"`
PID int `json:"pid"`
Ip string `json:"ip"`
ExternalIp string `json:"external_ip"`
ProcessName string `json:"process_name"`
Description string `json:"description"`
OperatorID int `json:"operator_id"`
Active bool `json:"active"`
RegisteredPayloadID int `json:"registered_payload_id"`
IntegrityLevel int `json:"integrity_level"`
Locked bool `json:"locked"`
OperationID int `json:"operation_id"`
CryptoType string `json:"crypto_type"`
DecKey []byte `json:"dec_key"`
EncKey []byte `json:"enc_key"`
Os string `json:"os"`
Architecture string `json:"architecture"`
Domain string `json:"domain"`
ExtraInfo string `json:"extra_info"`
SleepInfo string `json:"sleep_info"`
}
type PTTaskMessageTaskData ¶
type PTTaskMessageTaskData struct {
ID int `json:"id"`
AgentTaskID string `json:"agent_task_id"`
CommandName string `json:"command_name"`
Params string `json:"params"`
Timestamp string `json:"timestamp"`
CallbackID int `json:"callback_id"`
Status string `json:"status"`
OriginalParams string `json:"original_params"`
DisplayParams string `json:"display_params"`
Comment string `json:"comment"`
Stdout string `json:"stdout"`
Stderr string `json:"stderr"`
Completed bool `json:"completed"`
OperatorUsername string `json:"operator_username"`
OpsecPreBlocked bool `json:"opsec_pre_blocked"`
OpsecPreMessage string `json:"opsec_pre_message"`
OpsecPreBypassed bool `json:"opsec_pre_bypassed"`
OpsecPreBypassRole string `json:"opsec_pre_bypass_role"`
OpsecPostBlocked bool `json:"opsec_post_blocked"`
OpsecPostMessage string `json:"opsec_post_message"`
OpsecPostBypassed bool `json:"opsec_post_bypassed"`
OpsecPostBypassRole string `json:"opsec_post_bypass_role"`
ParentTaskID int `json:"parent_task_id"`
SubtaskCallbackFunction string `json:"subtask_callback_function"`
SubtaskCallbackFunctionCompleted bool `json:"subtask_callback_function_completed"`
GroupCallbackFunction string `json:"group_callback_function"`
GroupCallbackFunctionCompleted bool `json:"group_callback_function_completed"`
CompletedCallbackFunction string `json:"completed_callback_function"`
CompletedCallbackFunctionCompleted bool `json:"completed_callback_function_completed"`
SubtaskGroupName string `json:"subtask_group_name"`
TaskingLocation string `json:"tasking_location"`
ParameterGroupName string `json:"parameter_group_name"`
TokenID int `json:"token_id"`
}
type PTTaskOPSECPostTaskMessageResponse ¶
type PTTaskOPSECPostTaskMessageResponse struct {
TaskID int `json:"task_id"`
Success bool `json:"success"`
Error string `json:"error"`
OpsecPostBlocked bool `json:"opsec_post_blocked"`
OpsecPostMessage string `json:"opsec_post_message"`
OpsecPostBypassed *bool `json:"opsec_post_bypassed,omitempty"`
OpsecPostBypassRole OPSEC_ROLE `json:"opsec_post_bypass_role"`
}
type PTTaskingDynamicQueryFunction ¶
type PTTaskingDynamicQueryFunction func(PTRPCDynamicQueryFunctionMessage) []string
func (PTTaskingDynamicQueryFunction) MarshalJSON ¶
func (f PTTaskingDynamicQueryFunction) MarshalJSON() ([]byte, error)
type PT_TASK_FUNCTION_STATUS ¶
type PT_TASK_FUNCTION_STATUS = string
type ParameterGroupInfo ¶
type PayloadBuildC2Profile ¶
type PayloadBuildC2Profile struct {
Name string `json:"name"`
IsP2P bool `json:"is_p2p"`
// parameter name: parameter value
// Parameters - this is an interface of parameter name -> parameter value from the associated C2 profile.
// The types for the various parameter names can be found by looking at the build parameters in the Mythic UI.
Parameters map[string]interface{} `json:"parameters"`
}
type PayloadBuildC2ProfileMessage ¶
type PayloadBuildC2ProfileMessage struct {
PayloadUUID string `json:"uuid"`
Parameters map[string]interface{} `json:"parameters"`
BuildParameters map[string]interface{} `json:"build_parameters"`
SelectedOS string `json:"selected_os"`
PayloadType string `json:"payload_type"`
}
building just an ad-hoc c2 profile for an already existing payload
type PayloadBuildMessage ¶
type PayloadBuildMessage struct {
// PayloadType - the name of the payload type for the build
PayloadType string `json:"payload_type"`
// CommandList - the list of commands the user selected to include in the build
CommandList []string `json:"commands"`
// build param name : build value
// BuildParameters - map of param name -> build value from the user for the build parameters defined
BuildParameters map[string]interface{} `json:"build_parameters"`
// C2Profiles - list of C2 profiles selected to include in the payload and their associated parameters
C2Profiles []PayloadBuildC2Profile `json:"c2profiles"`
// WrappedPayload - bytes of the wrapped payload if one exists
WrappedPayload *[]byte `json:"wrapped_payload,omitempty"`
// SelectedOS - the operating system the user selected when building the agent
SelectedOS string `json:"selected_os"`
// PayloadUUID - the Mythic generated UUID for this payload instance
PayloadUUID string `json:"uuid"`
// PayloadFileUUID - The Mythic generated File UUID associated with this payload
PayloadFileUUID string `json:"payload_file_uuid"`
}
type PayloadBuildResponse ¶
type PayloadBuildResponse struct {
// PayloadUUID - The UUID associated with this payload
PayloadUUID string `json:"uuid"`
// Success - was this build process successful or not
Success bool `json:"success"`
// Payload - the raw bytes of the payload that was compiled/created
Payload *[]byte `json:"payload,omitempty"`
// UpdatedCommandList - if you want to adjust the list of commands in this payload from what the user provided,
// provide the updated list of command names here
UpdatedCommandList *[]string `json:"updated_command_list,omitempty"`
// BuildStdErr - build stderr message to associate with the build
BuildStdErr string `json:"build_stderr"`
// BuildStdOut - build stdout message to associate with the build
BuildStdOut string `json:"build_stdout"`
// BuildMessage - general message to associate with the build. Usually not as verbose as the stdout/stderr.
BuildMessage string `json:"build_message"`
}
type PayloadConfiguration ¶
type PayloadConfiguration struct {
Description string `json:"tag"`
PayloadType string `json:"payload_type" binding:"required"`
C2Profiles *[]PayloadConfigurationC2Profile `json:"c2_profiles,omitempty"`
BuildParameters *[]PayloadConfigurationBuildParameter `json:"build_parameters,omitempty"`
Commands []string `json:"commands"`
SelectedOS string `json:"selected_os" binding:"required"`
Filename string `json:"filename" binding:"required"`
WrappedPayloadUUID string `json:"wrapped_payload"`
}
exporting a payload configuration
type PayloadConfigurationBuildParameter ¶
type PayloadConfigurationBuildParameter struct {
Name string `json:"name" binding:"required"`
Value interface{} `json:"value" binding:"required"`
}
type PayloadType ¶
type PayloadType struct {
Name string `json:"name"`
FileExtension string `json:"file_extension"`
Author string `json:"author"`
SupportedOS []string `json:"supported_os"`
Wrapper bool `json:"wrapper"`
CanBeWrappedByTheFollowingPayloadTypes []string `json:"supported_wrapper_payload_types"`
SupportsDynamicLoading bool `json:"supports_dynamic_load"`
Description string `json:"description"`
SupportedC2Profiles []string `json:"supported_c2_profiles"`
TranslationContainerName string `json:"translation_container_name"`
MythicEncryptsData bool `json:"mythic_encrypts"`
BuildParameters []BuildParameter `json:"build_parameters"`
BuildSteps []BuildStep `json:"build_steps"`
AgentIcon *[]byte `json:"agent_icon"` // automatically filled in based on Name
CustomRPCFunctions map[string]func(message PTRPCOtherServiceRPCMessage) PTRPCOtherServiceRPCMessageResponse `json:"-"`
}
type PayloadTypeSyncMessage ¶
type PayloadTypeSyncMessage struct {
PayloadType PayloadType `json:"payload_type"`
CommandList []Command `json:"commands"`
ContainerVersion string `json:"container_version"`
}
type PayloadTypeSyncMessageResponse ¶
type PayloadTypeSyncMessageResponse struct {
Success bool `json:"success"`
Error string `json:"error"`
}
PAYLOAD_SYNC STRUCTS
type PtTaskFunctionCreateTasking ¶
type PtTaskFunctionCreateTasking func(*PTTaskMessageAllData) PTTaskCreateTaskingMessageResponse
PtTaskFunctionCreateTasking - Process the tasking request from the user. If you want to access/modify the arguments for this task, use the Task.Args.* functions.
type PtTaskFunctionOPSECPost ¶
type PtTaskFunctionOPSECPost func(*PTTaskMessageAllData) PTTaskOPSECPostTaskMessageResponse
Tasking step 3: Task message/process after running create_tasking but before the task can be picked up by an agent
this is the time to check any artifacts generated from create_tasking
type PtTaskFunctionOPSECPre ¶
type PtTaskFunctionOPSECPre func(*PTTaskMessageAllData) PTTTaskOPSECPreTaskMessageResponse
type PtTaskFunctionParseArgDictionary ¶
type PtTaskFunctionParseArgDictionary func(args *PTTaskMessageArgsData, input map[string]interface{}) error
type PtTaskFunctionParseArgString ¶
type PtTaskFunctionParseArgString func(args *PTTaskMessageArgsData, input string) error
type PtTaskFunctionProcessResponse ¶
type PtTaskFunctionProcessResponse func(PtTaskProcessResponseMessage) PTTaskProcessResponseMessageResponse
type PtTaskProcessResponseMessage ¶
type PtTaskProcessResponseMessage struct {
TaskData *PTTaskMessageAllData `json:"task"`
Response interface{} `json:"response"`
}
Tasking step 5: Task message/process to run for more manual processing of a message's response data
type RabbitmqDirectMethod ¶
type RabbitmqRPCMethod ¶
type SubtaskGroupName ¶
type SubtaskGroupName = string
Tasking step 4: Run this when the specified task completes
Source Files
Click to show internal directories.
Click to hide internal directories.