Path: blob/master/data/headers/windows/c_payload_util/beacon.h
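/*
 * Beacon Object Files (BOF)
 * -------------------------
 * A Beacon Object File is a light-weight post exploitation tool that runs
 * with Beacon's inline-execute command.
 *
 * Additional BOF resources are available here:
 *   - https://github.com/Cobalt-Strike/bof_template
 *
 * Cobalt Strike 4.x
 * ChangeLog:
 *    1/25/2022: updated for 4.5
 */

/*
 * Notes for readers of this header:
 *  - It holds declarations only. Every function is marked DECLSPEC_IMPORT, so
 *    none of them is defined by an object built against this file; the names
 *    are presumably resolved by whatever loads the object.
 *  - DECLSPEC_IMPORT, BOOL, HANDLE, STARTUPINFO, PROCESS_INFORMATION and
 *    wchar_t are not defined here; the Windows headers must be included first.
 *  - Every length and size is a signed int and travels separately from its
 *    pointer. Nothing in these prototypes ties the two together, so callers
 *    have to keep them consistent and reject negative or oversized values.
 *  - With the usual Windows SDK definition of DECLSPEC_IMPORT
 *    (__declspec(dllimport)), an object compiled against this header carries
 *    unresolved "__imp_"-prefixed references to the Beacon* names below,
 *    which is a recognizable marker when triaging an unknown COFF object.
 */

/* Guard against double inclusion: the anonymous struct typedefs below cannot
 * be declared twice in one translation unit. */
#ifndef BEACON_H
#define BEACON_H

/* data API */
typedef struct {
	char * original; /* the original buffer [so we can free it] */
	char * buffer;   /* current pointer into our buffer */
	int    length;   /* remaining length of data */
	int    size;     /* total size of this buffer */
} datap;

/*
 * Cursor-style readers over a caller-supplied buffer (buffer, size).
 * NOTE(review): the header does not say what BeaconDataPtr and
 * BeaconDataExtract return when the request exceeds the remaining length;
 * check the returned pointer and the reported *size before using them.
 */
DECLSPEC_IMPORT void    BeaconDataParse(datap * parser, char * buffer, int size);
DECLSPEC_IMPORT char *  BeaconDataPtr(datap * parser, int size);
DECLSPEC_IMPORT int     BeaconDataInt(datap * parser);
DECLSPEC_IMPORT short   BeaconDataShort(datap * parser);
DECLSPEC_IMPORT int     BeaconDataLength(datap * parser);
DECLSPEC_IMPORT char *  BeaconDataExtract(datap * parser, int * size);

/* format API */
typedef struct {
	char * original; /* the original buffer [so we can free it] */
	char * buffer;   /* current pointer into our buffer */
	int    length;   /* remaining length of data */
	int    size;     /* total size of this buffer */
} formatp;

/*
 * Output-buffer builders working on a formatp. The Alloc/Free pair suggests
 * the buffer is owned by the formatp between those two calls (presumably;
 * confirm against the vendor documentation).
 * BeaconFormatPrintf is variadic: pass a literal format string, never data.
 */
DECLSPEC_IMPORT void    BeaconFormatAlloc(formatp * format, int maxsz);
DECLSPEC_IMPORT void    BeaconFormatReset(formatp * format);
DECLSPEC_IMPORT void    BeaconFormatAppend(formatp * format, char * text, int len);
DECLSPEC_IMPORT void    BeaconFormatPrintf(formatp * format, char * fmt, ...);
DECLSPEC_IMPORT char *  BeaconFormatToString(formatp * format, int * size);
DECLSPEC_IMPORT void    BeaconFormatFree(formatp * format);
DECLSPEC_IMPORT void    BeaconFormatInt(formatp * format, int value);

/* Output Functions */
/* Presumably the values accepted as the `type` argument below. */
#define CALLBACK_OUTPUT      0x0
#define CALLBACK_OUTPUT_OEM  0x1e
#define CALLBACK_OUTPUT_UTF8 0x20
#define CALLBACK_ERROR       0x0d

/* BeaconPrintf is variadic as well: keep fmt a literal and pass data as
 * arguments. */
DECLSPEC_IMPORT void   BeaconOutput(int type, char * data, int len);
DECLSPEC_IMPORT void   BeaconPrintf(int type, char * fmt, ...);


/* Token Functions */
/* (void) rather than (): in C an empty list leaves the arguments unchecked. */
DECLSPEC_IMPORT BOOL   BeaconUseToken(HANDLE token);
DECLSPEC_IMPORT void   BeaconRevertToken(void);
DECLSPEC_IMPORT BOOL   BeaconIsAdmin(void);

/* Spawn+Inject Functions */
/*
 * (payload, p_len) and (arg, a_len) are pointer/length pairs; in
 * BeaconGetSpawnTo, (buffer, length) is presumably an output buffer and its
 * capacity. TODO confirm against the vendor documentation.
 */
DECLSPEC_IMPORT void   BeaconGetSpawnTo(BOOL x86, char * buffer, int length);
DECLSPEC_IMPORT void   BeaconInjectProcess(HANDLE hProc, int pid, char * payload, int p_len, int p_offset, char * arg, int a_len);
DECLSPEC_IMPORT void   BeaconInjectTemporaryProcess(PROCESS_INFORMATION * pInfo, char * payload, int p_len, int p_offset, char * arg, int a_len);
DECLSPEC_IMPORT BOOL   BeaconSpawnTemporaryProcess(BOOL x86, BOOL ignoreToken, STARTUPINFO * si, PROCESS_INFORMATION * pInfo);
DECLSPEC_IMPORT void   BeaconCleanupProcess(PROCESS_INFORMATION * pInfo);

/* Utility Functions */
/* NOTE(review): the header does not say whether `max` counts bytes or wchar_t
 * elements; confirm before sizing dst. */
DECLSPEC_IMPORT BOOL   toWideChar(char * src, wchar_t * dst, int max);

#endif /* BEACON_H */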