API: Payloads
This guide explains how to manage payloads using the API.
List Payload Plugins
Retrieve all available payload plugins:
| GET /api/v1/plugins/payloads HTTP/1.1
Authorization: Bearer {JWT_TOKEN}
|
List Payload Templates
Get a list of supported payload templates:
| GET /api/v1/payloads/templates HTTP/1.1
Authorization: Bearer {JWT_TOKEN}
|
Create a New Payload
Create a new payload by supplying the payload template ID, configuration, listener ID, and whether internal encryption is enabled. (Note: internal encryption is separate from external encryption like HTTPS.)
Request:
| POST /api/v1/payloads HTTP/1.1
Authorization: Bearer {JWT_TOKEN}
Content-Type: application/json
{
"payloadTemplateId": "PAYLOAD_TEMPLATE_ID",
"configuration": {PAYLOAD_CONFIGURATION},
"listenerId": 1,
"encrypted": true
}
|
Examples
Example 1 – Windows X86 Debug Executable Payload
| POST /api/v1/payloads HTTP/1.1
Authorization: Bearer {JWT_TOKEN}
Content-Type: application/json
{
"payloadTemplateId": "shelldot.payload.windows-x86",
"configuration": {
"type": "DEBUG_EXECUTABLE",
"initialWait": 0,
"paddingSize": 0
},
"listenerId": 1,
"encrypted": false
}
|
Example 2 – Windows X64 DLL Payload
| POST /api/v1/payloads HTTP/1.1
Authorization: Bearer {JWT_TOKEN}
Content-Type: application/json
{
"payloadTemplateId": "shelldot.payload.windows-x64",
"configuration": {
"type": "DLL",
"dllMethodName": "skippy"
},
"listenerId": 1,
"encrypted": true
}
|
List All Payloads
Retrieve a list of all created payloads:
| GET /api/v1/payloads HTTP/1.1
Authorization: Bearer {JWT_TOKEN}
|
View Payload Details
Fetch detailed information about a specific payload using its ID:
| GET /api/v1/payloads/{PAYLOAD_ID} HTTP/1.1
Authorization: Bearer {JWT_TOKEN}
|
Download a Payload
Download the agent associated with a particular payload:
| GET /api/v1/payloads/{PAYLOAD_ID}/download HTTP/1.1
Authorization: Bearer {JWT_TOKEN}
|