2.1 KiB
2.1 KiB
Modules
Contents
Overview
Currently, the following commands are available in the Monarch agent when all modules are activated.
* exit Exit the agent.
* self-destruct Exit the agent and delete the executable from disk.
* sleep Update sleep delay settings.
* sleepmask Update sleepmask settings.
* shell Execute a shell command and retrieve the output.
* bof Execute an object file in memory and retrieve the output.
* dotnet Execute a .NET assembly in memory and retrieve the output.
* pwd Retrieve current working directory.
* cd Change current working directory.
* ls List files and directories.
* rm Remove a file.
* rmdir Remove a directory.
* move Move a file or directory.
* copy Copy a file or directory.
* download Download a file.
* upload Upload a file.
* screenshot Take a screenshot of the target system.
* ps Display running processes.
* env Display environment variables.
* make-token Create an access token from username and password.
* steal-token Steal the primary access token of a remote process.
* rev2self Revert to original access token.
* token-info Retrieve information about the current access token.
* enable-privilege Enable a token privilege.
* disable-privilege Disable a token privilege.