Added more TODOs
This commit is contained in:
Jakob Friedl
@@ -6,22 +6,23 @@ export shell, sleep, pwd, cd, ls
|
|||||||
|
|
||||||
House-keeping
|
House-keeping
|
||||||
-------------
|
-------------
|
||||||
[~] sleep : Set sleep obfuscation duration to a different value and persist that value in the agent
|
[X] sleep : Set sleep obfuscation duration to a different value and persist that value in the agent
|
||||||
|
|
||||||
Basic API-only Commands
|
Basic API-only Commands
|
||||||
-----------------------
|
-----------------------
|
||||||
[~] pwd : Get current working directory
|
[X] pwd : Get current working directory
|
||||||
[~] cd : Change directory
|
[X] cd : Change directory
|
||||||
[ ] ls/dir : List all files in directory (including hidden ones)
|
[X] ls/dir : List all files in directory (including hidden ones)
|
||||||
[ ] cat/type : Display contents of a file
|
[ ] cat/type : Display contents of a file
|
||||||
[ ] env : Display environment variables
|
[ ] env : Display environment variables
|
||||||
[ ] ps : List processes
|
[ ] ps : List processes
|
||||||
[ ] whoami : Get UID and privileges, etc.
|
[ ] whoami : Get UID and privileges, etc.
|
||||||
|
|
||||||
[ ] token : Token impersonation
|
[ ] token : Token impersonation
|
||||||
[ ] make : Create a token from a user's plaintext password
|
[ ] make : Create a token from a user's plaintext password (LogonUserA, ImpersonateLoggedOnUser)
|
||||||
[ ] steal : Steal the access token from a process
|
[ ] steal : Steal the access token from a process (OpenProcess, OpenProcessToken, DuplicateToken, ImpersonateLoggedOnUser)
|
||||||
[ ] use : Impersonate a token from the token vault
|
[ ] use : Impersonate a token from the token vault (ImpersonateLoggedOnUser) -> update username like in Cobalt Strike
|
||||||
|
[ ] rev2self : Revert to original logon session (RevertToSelf)
|
||||||
|
|
||||||
Execution Commands
|
Execution Commands
|
||||||
------------------
|
------------------
|
||||||
|
|||||||
Reference in New Issue
Block a user