Documentation
¶
Overview ¶
File dropper download and execute payloads.
The dropper package contains all the code for download and execute payloads. Unlike the other payloads this package is necessarily OS dependent for both the download and execution portions.
Index ¶
- Variables
- type Dropper
- type GroovyPayload
- type PHPPayload
- type UnixPayload
- type WindowsPayload
- func (win *WindowsPayload) CertutilHTTP(lhost string, lport int, ssl bool, downloadFile string) string
- func (win *WindowsPayload) CurlHTTP(lhost string, lport int, ssl bool, downloadFile string) string
- func (win *WindowsPayload) PowershellHTTP(lhost string, lport int, ssl bool, downloadFile string) string
Constants ¶
This section is empty.
Variables ¶
View Source
var ( Unix = &UnixPayload{} Windows = &WindowsPayload{} Groovy = &GroovyPayload{} PHP = &PHPPayload{} )
View Source
var ( //go:embed php/dropper.php PHPDropper string //go:embed php/dropper_secure.php PHPDropperSecure string )
Functions ¶
This section is empty.
Types ¶
type GroovyPayload ¶ added in v1.16.0
type GroovyPayload struct{}
type PHPPayload ¶ added in v1.19.0
type PHPPayload struct{}
type UnixPayload ¶
type UnixPayload struct{}
func (*UnixPayload) EitherHTTP ¶
Download a remote file with curl or wget, execute it, and delete it.
type WindowsPayload ¶
type WindowsPayload struct{}
func (*WindowsPayload) CertutilHTTP ¶
func (win *WindowsPayload) CertutilHTTP(lhost string, lport int, ssl bool, downloadFile string) string
Download a remote file with certutil.exe, execute it, and delete it (after execution).
func (*WindowsPayload) CurlHTTP ¶
Download a remote file with curl.exe, execute it, and delete it (after execution).
func (*WindowsPayload) PowershellHTTP ¶
func (win *WindowsPayload) PowershellHTTP(lhost string, lport int, ssl bool, downloadFile string) string
Download a remote file with PowerShell, execute it, and delete it (after execution).
Source Files
Click to show internal directories.
Click to hide internal directories.