API: Payloads
List of payload plugins
Request
| GET /api/v1/plugins/payloads HTTP/1.1
Authorization: Bearer {JWT_TOKEN}
|
List of payload templates
Request
| GET /api/v1/payloads/templates HTTP/1.1
Authorization: Bearer {JWT_TOKEN}
|
Create new payload
To construct a new payload, it is requisite to furnish the identifier (ID) of the desired payload template type. Additionally, the specification of the listener to which the payload will establish a connection is mandatory. Further, any supplementary configuration mandated by the plugin corresponding to the chosen template must be provided. It is also possible to determine whether the communication between the Command and Control (C2) server and the agent should be encrypted internally. It is pertinent to note that this internal encryption is independent of any external protocol encryption, such as HTTPS, that may be in effect.
Request
| POST /api/v1/payloads HTTP/1.1
Authorization: Bearer {JWT_TOKEN}
Content-Type: application/json
{
"payloadTemplateId": "PAYLOAD_TEMPLATE_ID",
"configuration": {PAYLOAD_CONFIGURATION},
"listenerId": 1,
"encrypted": true
}
|
Example
| POST /api/v1/payloads HTTP/1.1
Authorization: Bearer {JWT_TOKEN}
Content-Type: application/json
{
"payloadTemplateId": "shelldot.payload.windows-x64",
"configuration": {
"type": "EXECUTABLE",
"initialWait": 60,
"paddingSize": 1000000
},
"listenerId": 1,
"encrypted": true
}
|
List all created payloads
Request
| GET /api/v1/payloads HTTP/1.1
Authorization: Bearer {JWT_TOKEN}
|
See created payload data
Request
| GET /api/v1/payloads/1 HTTP/1.1
Authorization: Bearer {JWT_TOKEN}
|
Download created payloads
Request
| GET /api/v1/payloads/{PAYLOAD_I}/download HTTP/1.1
Authorization: Bearer {JWT_TOKEN}
|