extensions

package
v1.6.43 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jul 23, 2025 License: GPL-3.0 Imports: 35 Imported by: 0

README

Extensions

Allows to load and execute 3rd party extensions.

Extensions directory structures can be arbitrary, however in the root of the directory or .tar.gz there must be a extension.json or a alias.json file. All paths are relative to the manifest/root directory, parent directories are not allowed. Only files listed in the manifest are copied, any other files will be ignored.

/path/to/extension/folder/
├── extension.json
└── windows
│    └── extension.x86.dll
│    └── extension.x64.dll
└── linux
│    └── extension.x86.so
│    └── extension.x64.so
└── darwin
     └── extension.x86.dylib
     └── extension.x64.dylib

Here's an example manifest (i.e., the extension.json or a alias.json):

{
    "name": "foo",
    "version": "1.0.0",
    "extension_author": "ac1d-burn",
    "original_author": "zer0-cool",
    "repo_url": "https://github.com/foo/bar",
    "help": "Help for foo command",
    "entrypoint": "RunFoo",
    "init" :"NimMain",
    "depends_on": "bar",
    "files": [
        {
            "os": "windows",
            "arch": "amd64",
            "path": "extension.x64.o",
        }
    ],
    "arguments": [
        {"name": "pid", "type": "int", "desc": "pid", "optional": false},
    ]
}

The structure is the following one:

  • name: name of the extension, which will also be the name of the command in the sliver client
  • help: the documentation for the new command
  • entrypoint: the name of the exported function to call
  • files: a list of object pointing to the extensions files to load for each architectures and operating systems
  • init: the initialization function name (if relevant, can be omitted)
  • arguments: an optional list of objects (for DLLs), but mandatory for BOFs
  • depends_on: the name of an extension required by the current extension (won't load if the dependency is not loaded)

The type of an argument can be one of the following:

  • string: regular ASCII string
  • wstring: string that will be UTF16 encoded
  • int: will be parsed as a 32 bit unsigned integer
  • short: will be parsed as a 16 bit unsigned integer
  • file: a string to a file path on the client side which content will be passed to the BOF

Documentation

Index

Constants

View Source
const (

	// ManifestFileName - Extension manifest file name.
	ManifestFileName = "extension.json"
)

Variables

This section is empty.

Functions

func CmdExists

func CmdExists(name string, cmd *cobra.Command) bool

CmdExists - checks if a command exists.

func Commands

func Commands(con *console.SliverClient) []*cobra.Command

Commands returns the 'extensions' command and its subcommands.

func ExtensionLoadCmd

func ExtensionLoadCmd(cmd *cobra.Command, con *console.SliverClient, args []string)

ExtensionLoadCmd - Temporarily installs an extension from a local directory into the client. The extension must contain a valid manifest file. If commands from the extension already exist, the user will be prompted to overwrite them.

func ExtensionRegisterCommand

func ExtensionRegisterCommand(extCmd *ExtCommand, cmd *cobra.Command, con *console.SliverClient)

ExtensionRegisterCommand adds an extension command to the cobra command system. It validates the extension's arguments, updates the loadedExtensions map, and creates a cobra.Command with proper usage text, help documentation, and argument handling. The command is added as a subcommand to the provided parent cobra.Command. Arguments are displayed in the help text as uppercase, with optional args in square brackets. The help text includes sections for command usage, description, and detailed argument specifications.

func ExtensionsCmd

func ExtensionsCmd(cmd *cobra.Command, con *console.SliverClient)

ExtensionsCmd - List information about installed extensions.

func ExtensionsCommandNameCompleter

func ExtensionsCommandNameCompleter(con *console.SliverClient) carapace.Action

ExtensionsCommandNameCompleter - Completer for installed extensions command names.

func ExtensionsInstallCmd

func ExtensionsInstallCmd(cmd *cobra.Command, con *console.SliverClient, args []string)

ExtensionsInstallCmd - Install an extension.

func ExtensionsListCmd

func ExtensionsListCmd(cmd *cobra.Command, con *console.SliverClient, args []string)

ExtensionsListCmd - List all extension loaded on the active session/beacon.

func ExtensionsRemoveCmd

func ExtensionsRemoveCmd(cmd *cobra.Command, con *console.SliverClient, args []string)

ExtensionsRemoveCmd - Remove an extension.

func FindExtensionMatches

func FindExtensionMatches(targetHashes []string) map[string]*ExtensionMatch

FindExtensionMatches searches through loaded extensions for matching hashes Returns a map of hash to ExtensionMatch (match will be nil if hash wasn't found)

func GetAllExtensionManifests

func GetAllExtensionManifests() []string

GetAllExtensionManifests returns a combined list of manifest file paths from both installed and temporarily loaded extensions

func InstallFromDir

func InstallFromDir(extLocalPath string, promptToOverwrite bool, con *console.SliverClient, isGz bool)

InstallFromDir installs a Sliver extension from either a local directory or gzipped archive. It reads the extension manifest, validates it, and copies all required files to the extensions directory. If an extension with the same name already exists, it can optionally prompt for overwrite confirmation.

Parameters:

  • extLocalPath: Path to the source directory or gzipped archive containing the extension
  • promptToOverwrite: If true, prompts for confirmation before overwriting existing extension
  • con: Sliver console client for displaying status and error messages
  • isGz: Whether the source is a gzipped archive (true) or directory (false)

The function will return early with error messages printed to console if:

  • The manifest cannot be read or parsed
  • Required directories cannot be created
  • File copy operations fail
  • User declines overwrite when prompted

func ManifestCompleter

func ManifestCompleter() carapace.Action

func ParseFlagArgumentsToBuffer

func ParseFlagArgumentsToBuffer(_ *cobra.Command, args []string, _ string, ext *ExtCommand) ([]byte, error)

ParseFlagArgumentsToBuffer parses flag-style arguments based on extension manifest and converts them to a BOF-compatible binary buffer

func PrintExtOutput

func PrintExtOutput(extName string, commandName string, outputSchema *packages.OutputSchema, callExtension *sliverpb.CallExtension, con *console.SliverClient)

PrintExtOutput - Print the ext execution output.

func PrintExtensionMatches

func PrintExtensionMatches(matches map[string]*ExtensionMatch, con *console.SliverClient)

PrintExtensionMatches prints the extension matches in a formatted table

func PrintExtensions

func PrintExtensions(con *console.SliverClient)

PrintExtensions - Print a list of loaded extensions.

func RemoveExtensionByCommandName

func RemoveExtensionByCommandName(commandName string, con *console.SliverClient) error

RemoveExtensionByCommandName - Remove an extension by command name.

func RemoveExtensionByManifestName

func RemoveExtensionByManifestName(manifestName string, con *console.SliverClient) (bool, error)

RemoveExtensionByManifestName - remove by the named manifest, returns true if manifest was removed, false if no manifest with that name was found

func SliverCommands

func SliverCommands(con *console.SliverClient) []*cobra.Command

Types

type ExtCommand

type ExtCommand struct {
	CommandName string                 `json:"command_name"`
	Help        string                 `json:"help"`
	LongHelp    string                 `json:"long_help"`
	Files       []*extensionFile       `json:"files"`
	Arguments   []*extensionArgument   `json:"arguments"`
	Entrypoint  string                 `json:"entrypoint"`
	DependsOn   string                 `json:"depends_on"`
	Init        string                 `json:"init"`
	Schema      *packages.OutputSchema `json:"schema"`

	Manifest *ExtensionManifest
}

type ExtensionManifest

type ExtensionManifest struct {
	Name            string `json:"name"`
	PackageName     string `json:"package_name"`
	Version         string `json:"version"`
	ExtensionAuthor string `json:"extension_author"`
	OriginalAuthor  string `json:"original_author"`
	RepoURL         string `json:"repo_url"`

	ExtCommand []*ExtCommand `json:"commands"`

	RootPath   string `json:"-"`
	ArmoryName string `json:"-"`
	ArmoryPK   string `json:"-"`
}

func LoadExtensionManifest

func LoadExtensionManifest(manifestPath string) (*ExtensionManifest, error)

LoadExtensionManifest loads and parses an extension manifest file from the given path. It registers each command defined in the manifest into the loadedExtensions map and registers the complete manifest into loadedManifests. A single manifest may contain multiple extension commands. The manifest's RootPath is set to its containing directory. Returns the parsed manifest and any errors encountered.

func ParseExtensionManifest

func ParseExtensionManifest(data []byte) (*ExtensionManifest, error)

parseExtensionManifest - Parse extension manifest from buffer (legacy, only parses one)

type ExtensionManifest_

type ExtensionManifest_ struct {
	Name            string               `json:"name"`
	CommandName     string               `json:"command_name"`
	Version         string               `json:"version"`
	ExtensionAuthor string               `json:"extension_author"`
	OriginalAuthor  string               `json:"original_author"`
	RepoURL         string               `json:"repo_url"`
	Help            string               `json:"help"`
	LongHelp        string               `json:"long_help"`
	Files           []*extensionFile     `json:"files"`
	Arguments       []*extensionArgument `json:"arguments"`
	Entrypoint      string               `json:"entrypoint"`
	DependsOn       string               `json:"depends_on"`
	Init            string               `json:"init"`

	RootPath string `json:"-"`
}

type ExtensionMatch

type ExtensionMatch struct {
	CommandName string
	Hash        string
	BinPath     string
}

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL