forked from trustedsec/CS-Situational-Awareness-BOF
-
Notifications
You must be signed in to change notification settings - Fork 4
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
add env,get-netsession2,list_firewall_rules,locale,netlocalgroup2,net…
…loggedon,netloggedon2,nettime,netuptime,nonpagedldapsearch,notepad,probe,regsession
- Loading branch information
Showing
14 changed files
with
488 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,25 @@ | ||
| { | ||
| "name": "env", | ||
| "version": "0.0.0", | ||
| "command_name": "sa-env", | ||
| "extension_author": "c2biz", | ||
| "original_author": "TrustedSec", | ||
| "repo_url": "https://github.com/sliverarmory/CS-Situational-Awareness-BOF", | ||
| "help": "List process environment variables", | ||
| "long_help": "", | ||
| "depends_on": "coff-loader", | ||
| "entrypoint": "go", | ||
| "files": [ | ||
| { | ||
| "os": "windows", | ||
| "arch": "amd64", | ||
| "path": "env.x64.o" | ||
| }, | ||
| { | ||
| "os": "windows", | ||
| "arch": "386", | ||
| "path": "env.x86.o" | ||
| } | ||
| ], | ||
| "arguments": [] | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,44 @@ | ||
| { | ||
| "name": "get-netsession2", | ||
| "version": "0.0.0", | ||
| "command_name": "sa-get-netsession2", | ||
| "extension_author": "c2biz", | ||
| "original_author": "TrustedSec", | ||
| "repo_url": "https://github.com/sliverarmory/CS-Situational-Awareness-BOF", | ||
| "help": "Modified version of netsession that supports BOFHound", | ||
| "long_help": "", | ||
| "depends_on": "coff-loader", | ||
| "entrypoint": "go", | ||
| "files": [ | ||
| { | ||
| "os": "windows", | ||
| "arch": "amd64", | ||
| "path": "get-netsession2.x64.o" | ||
| }, | ||
| { | ||
| "os": "windows", | ||
| "arch": "386", | ||
| "path": "get-netsession2.x86.o" | ||
| } | ||
| ], | ||
| "arguments": [ | ||
| { | ||
| "name": "hostname", | ||
| "desc": "Represents the hostname.", | ||
| "type": "wstring", | ||
| "optional": true | ||
| }, | ||
| { | ||
| "name": "resolveMethod", | ||
| "desc": "Method to resolve the hostname.", | ||
| "type": "integer", | ||
| "optional": true | ||
| }, | ||
| { | ||
| "name": "dnsserver", | ||
| "desc": "DNS server address.", | ||
| "type": "string", | ||
| "optional": true | ||
| } | ||
| ] | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,25 @@ | ||
| { | ||
| "name": "list_firewall_rules", | ||
| "version": "0.0.0", | ||
| "command_name": "sa-list_firewall_rules", | ||
| "extension_author": "c2biz", | ||
| "original_author": "TrustedSec", | ||
| "repo_url": "https://github.com/sliverarmory/CS-Situational-Awareness-BOF", | ||
| "help": "List Windows firewall rules", | ||
| "long_help": "", | ||
| "depends_on": "coff-loader", | ||
| "entrypoint": "go", | ||
| "files": [ | ||
| { | ||
| "os": "windows", | ||
| "arch": "amd64", | ||
| "path": "list_firewall_rules.x64.o" | ||
| }, | ||
| { | ||
| "os": "windows", | ||
| "arch": "386", | ||
| "path": "list_firewall_rules.x86.o" | ||
| } | ||
| ], | ||
| "arguments": [] | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,25 @@ | ||
| { | ||
| "name": "locale", | ||
| "version": "0.0.0", | ||
| "command_name": "sa-locale", | ||
| "extension_author": "c2biz", | ||
| "original_author": "TrustedSec", | ||
| "repo_url": "https://github.com/sliverarmory/CS-Situational-Awareness-BOF", | ||
| "help": "List system locale language, locale ID, date, time, and country", | ||
| "long_help": "", | ||
| "depends_on": "coff-loader", | ||
| "entrypoint": "go", | ||
| "files": [ | ||
| { | ||
| "os": "windows", | ||
| "arch": "amd64", | ||
| "path": "locale.x64.o" | ||
| }, | ||
| { | ||
| "os": "windows", | ||
| "arch": "386", | ||
| "path": "locale.x86.o" | ||
| } | ||
| ], | ||
| "arguments": [] | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,38 @@ | ||
| { | ||
| "name": "netlocalgroup2", | ||
| "version": "0.0.0", | ||
| "command_name": "sa-netlocalgroup2", | ||
| "extension_author": "c2biz", | ||
| "original_author": "TrustedSec", | ||
| "repo_url": "https://github.com/sliverarmory/CS-Situational-Awareness-BOF", | ||
| "help": "List server group members", | ||
| "long_help": "", | ||
| "depends_on": "coff-loader", | ||
| "entrypoint": "go", | ||
| "files": [ | ||
| { | ||
| "os": "windows", | ||
| "arch": "amd64", | ||
| "path": "netlocalgroup2.x64.o" | ||
| }, | ||
| { | ||
| "os": "windows", | ||
| "arch": "386", | ||
| "path": "netlocalgroup2.x86.o" | ||
| } | ||
| ], | ||
| "arguments": [ | ||
| { | ||
| "name": "server", | ||
| "desc": "Represents the server.", | ||
| "type": "wstring", | ||
| "optional": false | ||
| }, | ||
| { | ||
| "name": "group", | ||
| "desc": "Represents the group", | ||
| "type": "integer", | ||
| "optional": true | ||
| } | ||
| ] | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,32 @@ | ||
| { | ||
| "name": "netloggedon", | ||
| "version": "0.0.0", | ||
| "command_name": "sa-netloggedon", | ||
| "extension_author": "c2biz", | ||
| "original_author": "TrustedSec", | ||
| "repo_url": "https://github.com/sliverarmory/CS-Situational-Awareness-BOF", | ||
| "help": "Return users logged on the local or remote computer", | ||
| "long_help": "", | ||
| "depends_on": "coff-loader", | ||
| "entrypoint": "go", | ||
| "files": [ | ||
| { | ||
| "os": "windows", | ||
| "arch": "amd64", | ||
| "path": "netloggedon.x64.o" | ||
| }, | ||
| { | ||
| "os": "windows", | ||
| "arch": "386", | ||
| "path": "netloggedon.x86.o" | ||
| } | ||
| ], | ||
| "arguments": [ | ||
| { | ||
| "name": "servername", | ||
| "desc": "Represents the server name", | ||
| "type": "wstring", | ||
| "optional": false | ||
| } | ||
| ] | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,32 @@ | ||
| { | ||
| "name": "netloggedon2", | ||
| "version": "0.0.0", | ||
| "command_name": "sa-netloggedon2", | ||
| "extension_author": "c2biz", | ||
| "original_author": "TrustedSec", | ||
| "repo_url": "https://github.com/sliverarmory/CS-Situational-Awareness-BOF", | ||
| "help": "Modified version of netloggedon that supports BOFHound", | ||
| "long_help": "", | ||
| "depends_on": "coff-loader", | ||
| "entrypoint": "go", | ||
| "files": [ | ||
| { | ||
| "os": "windows", | ||
| "arch": "amd64", | ||
| "path": "netloggedon2.x64.o" | ||
| }, | ||
| { | ||
| "os": "windows", | ||
| "arch": "386", | ||
| "path": "netloggedon2.x86.o" | ||
| } | ||
| ], | ||
| "arguments": [ | ||
| { | ||
| "name": "computername", | ||
| "desc": "Represents the computer name", | ||
| "type": "wstring", | ||
| "optional": true | ||
| } | ||
| ] | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,32 @@ | ||
| { | ||
| "name": "nettime", | ||
| "version": "0.0.0", | ||
| "command_name": "sa-nettime", | ||
| "extension_author": "c2biz", | ||
| "original_author": "TrustedSec", | ||
| "repo_url": "https://github.com/sliverarmory/CS-Situational-Awareness-BOF", | ||
| "help": "Display time on remote computer", | ||
| "long_help": "", | ||
| "depends_on": "coff-loader", | ||
| "entrypoint": "go", | ||
| "files": [ | ||
| { | ||
| "os": "windows", | ||
| "arch": "amd64", | ||
| "path": "nettime.x64.o" | ||
| }, | ||
| { | ||
| "os": "windows", | ||
| "arch": "386", | ||
| "path": "nettime.x86.o" | ||
| } | ||
| ], | ||
| "arguments": [ | ||
| { | ||
| "name": "hostname", | ||
| "desc": "Represents the hostname", | ||
| "type": "wstring", | ||
| "optional": false | ||
| } | ||
| ] | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,32 @@ | ||
| { | ||
| "name": "netuptime", | ||
| "version": "0.0.0", | ||
| "command_name": "sa-netuptime", | ||
| "extension_author": "c2biz", | ||
| "original_author": "TrustedSec", | ||
| "repo_url": "https://github.com/sliverarmory/CS-Situational-Awareness-BOF", | ||
| "help": "Return information about the boot time on the local or remote computer", | ||
| "long_help": "", | ||
| "depends_on": "coff-loader", | ||
| "entrypoint": "go", | ||
| "files": [ | ||
| { | ||
| "os": "windows", | ||
| "arch": "amd64", | ||
| "path": "netuptime.x64.o" | ||
| }, | ||
| { | ||
| "os": "windows", | ||
| "arch": "386", | ||
| "path": "netuptime.x86.o" | ||
| } | ||
| ], | ||
| "arguments": [ | ||
| { | ||
| "name": "computername", | ||
| "desc": "Represents the computername", | ||
| "type": "wstring", | ||
| "optional": false | ||
| } | ||
| ] | ||
| } |
Oops, something went wrong.