GetJob returns a string array containing the commands, in the proper order, to be used with agents.AddJob
(method string, shellcode string, pid string)
// GetJob builds the ordered argument list for a shellcode job, in the form
// intended for agents.AddJob.
//
// method is compared case-insensitively against "self", "remote",
// "rtlcreateuserthread" and "userapc". For "self" the pid argument is ignored
// and the result is {"shellcode", "self", shellcode}. For the other three
// methods the result is {"shellcode", <method>, pid, shellcode}. Any other
// method yields a nil slice and a non-nil error.
//
// NOTE(review): neither pid nor shellcode is inspected here; both are copied
// into the result exactly as supplied, so an empty or non-numeric pid is not
// rejected by this function.
func GetJob(method string, shellcode string, pid string) ([]string, error) {
	// TODO shellcode input needs to be Base64 encoded
	name := strings.ToLower(method)

	switch name {
	case "self":
		// No target process argument for this method.
		return []string{"shellcode", name, shellcode}, nil
	case "remote", "rtlcreateuserthread", "userapc":
		// These methods share one layout: the pid precedes the shellcode.
		return []string{"shellcode", name, pid, shellcode}, nil
	default:
		return nil, errors.New("a valid shellcode method was not provided")
	}
}
| 105 | // ParseShellcode determines if the input is a file and/or what format the shellcode is in (hex, binary, CSharp) |
| 106 | // Input string can be a file path or shellcode itself |