MCPcopy
hub / github.com/Ne0nd0g/merlin / Parse

Function Parse

pkg/modules/shellcode/shellcode.go:35–87  ·  view source on GitHub ↗

Parse is the initial entry point for all extended modules. All validation checks and processing will be performed here The function input types are limited to strings and therefore require additional processing

(options map[string]string)

Source from the content-addressed store, hash-verified

33// Parse is the initial entry point for all extended modules. All validation checks and processing will be performed here
34// The function input types are limited to strings and therefore require additional processing
35func Parse(options map[string]string) ([]string, error) {
36 if len(options) != 3 {
37 return nil, fmt.Errorf("3 arguments were expected, %d were provided", len(options))
38 }
39 var b64 string
40
41 f, errF := os.Stat(options["shellcode"])
42 if errF != nil {
43 h, errH := parseHex([]string{options["shellcode"]})
44 if errH != nil {
45 return nil, errH
46 }
47 b64 = base64.StdEncoding.EncodeToString(h)
48 } else {
49 if f.IsDir() {
50 return nil, fmt.Errorf("a directory was provided instead of a file: %s", options["shellcode"])
51 }
52 b, errB := parseShellcodeFile(options["shellcode"])
53 if errB != nil {
54 return nil, fmt.Errorf("there was an error parsing the shellcode file:\r\n%s", errB.Error())
55 }
56 b64 = base64.StdEncoding.EncodeToString(b)
57 }
58
59 // Convert PID to integer
60 if options["pid"] != "" {
61 _, errPid := strconv.Atoi(options["pid"])
62 if errPid != nil {
63 return nil, fmt.Errorf("there was an error converting the PID to an integer:\r\n%s", errPid.Error())
64 }
65 }
66
67 if strings.ToLower(options["method"]) != "self" && options["pid"] == "" {
68 return nil, fmt.Errorf("a valid PID must be provided for any method except self")
69 }
70
71 // Verify Method is a valid type
72 switch strings.ToLower(options["method"]) {
73 case "self":
74 case "remote":
75 case "rtlcreateuserthread":
76 case "userapc":
77 default:
78 return nil, fmt.Errorf("invalid shellcode execution method: %s", options["method"])
79
80 }
81 command, errCommand := GetJob(options["method"], b64, options["pid"])
82 if errCommand != nil {
83 return nil, fmt.Errorf("there was an error getting the shellcode job:\r\n%s", errCommand.Error())
84 }
85
86 return command, nil
87}
88
89// GetJob returns a string array containing the commands, in the proper order, to be used with agents.AddJob
90func GetJob(method string, shellcode string, pid string) ([]string, error) {

Callers 1

getExtendedCommandFunction · 0.92

Calls 4

parseHexFunction · 0.85
parseShellcodeFileFunction · 0.85
ErrorMethod · 0.80
GetJobFunction · 0.70

Tested by

no test coverage detected