GithubHelp home page GithubHelp logo

mitre / builder Goto Github PK

View Code? Open in Web Editor NEW
2.0 21.0 6.0 44 KB

Caldera plugin to dynamically compile code segments from abilities

Home Page: https://caldera.mitre.org/

Python 76.74% Shell 12.40% HTML 6.61% Vue 4.25%
caldera-plugin caldera

builder's Introduction

MITRE Caldera Plugin: Builder

The Builder plugin enables Caldera to dynamically compile code segments into payloads that can be executed as abilities by implants.

Installation:

Install the required docker components with the following command:

sudo ./install.sh

Dependencies/Requirements:

  1. Docker
  2. docker-py

Sample Ability

The following ability will compile the HelloWorld.exe executable, copy it to the machine running the agent, and execute it using either cmd or PowerShell.

---

- id: 096a4e60-e761-4c16-891a-3dc4eff02e74
  name: C# Hello World
  description: Dynamically compile HelloWorld.exe
  tactic: execution
  technique:
    attack_id: T1059
    name: Command-Line Interface
  platforms:
    windows:
      psh,cmd:
        build_target: HelloWorld.exe
        language: csharp
        code: |
          using System;

          namespace HelloWorld
          {
              class Program
              {
                  static void Main(string[] args)
                  {
                      Console.WriteLine("Hello World!");
                  }
              }
          }

DLL dependencies can be added by declaring a payloads list at the root of the ability.

builder's People

Contributors

clenk avatar elegantmoose avatar iguannalin avatar jamiescottc avatar khyberspache avatar nopfor avatar privateducky avatar techringer avatar wbooth avatar

Stargazers

avatar avatar

Watchers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Forkers

yalonso7 dekoder yanni102 techringer b1tst0rm jimmir45

builder's Issues

All dockercross images are being pulled instead of just the latest

Describe the bug
Docker images for dockcross/windows-static are pulling all matching images instead of using just the latest

To Reproduce
Steps to reproduce the behavior:

  1. launch the Caldera server.py script with builder plugin enabled

Expected behavior
Only latest image should be pulled for dockercross, just like mono and golang

Screenshots
If applicable, add screenshots to help explain your problem.

Desktop (please complete the following information):

  • OS: Ubuntu 22.04

Additional context
I let it run all afternoon and filled up over 600Gb for all the different tags for windows-static-x64 image before I quit and added the tag.

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.