Home Projects About

Vulpes: Commands

Table of Contents

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Mauris eu pellentesque nisi, vel tincidunt arcu. Proin molestie risus eu arcu imperdiet, non elementum velit commodo. Vivamus quis ex tincidunt ipsum mollis suscipit. Maecenas ullamcorper risus at nisl feugiat commodo. Vivamus condimentum finibus tincidunt. Cras tincidunt ligula erat, vel vulputate diam dapibus id. Cras elementum maximus est, et ultricies odio interdum eget. Nunc fermentum fringilla elit nec tristique. Nunc rhoncus vel lectus ac tempus. Aenean eu nisl sollicitudin, venenatis velit a, sollicitudin velit. Nunc tempus ex sit amet tortor interdum, a feugiat velit malesuada. Aenean faucibus nulla nec volutpat eleifend.

Available

# Name Description
1 cat Using stdlib, read the contents of the file and return the data (or the exception).
2 download The stdlib will be used to read the bytes from disk.
3 executeassembly Host a .NET CLR in the current process, execute the assembly, and then cleanly exit.
4 getdrivers Enumerate all the system drivers.
5 getenv Parse the Environmental Variable from the PEB Structure
6 getexports Enumerate all the exports in a given dll.
7 gethandles Enumerate all the handles for a process.
8 getmodules Using the WINAPI, list the modules loaded by a process. If a PID is passed, the data is filtered
9 getregions Enumerate all the memory regions in a process.
10 getsystem Pass in a PID to a SYSTEM process. The Access Token is cloned and set on the executing thread
11 getthreads Using the WINAPI, list the threads used by a process. If a PID is passed, the data is filtered
12 hostname Return GetComputerName()
13 huntrwx Using the NtQueryVirtualMemory SysCall, identify RWX Regions
14 inject Using the configured method, inject a stageless implant into the target process.
15 injectbin Using the configured method, inject specified shellcode into the target process.
16 injectrdll Inject A Reflective DLL into a process. Setting the pid to 0 will self-inject. The injection is done via the configured method in the server configuration file.
17 loaddll Using LoadLibraryA, load a DLL from disk.
18 ls Use FindFirstFile & FindNextFile to cycle through either a user specified directory, or the current directory.
19 modulegrep Using the WINAPI, list the processes on the host and enumerate the loaded modules
20 procgrep Using the WINAPI, list the processes on the host and filter by name
21 ps Using the WINAPI, list the processes on the host. If a PID is passed, the data is filtered
22 pwd Extract the current path from the PEB.
23 setpriv Using the WINAPI, Set or remove a privilege
24 spawn Using the configured method, inject a stageless implant into the newly created process.
25 upload The stdlib will be used to write the bytes to disk.
26 whoami Return GetComputerName()\GetUsername() (CONTOSO\Administrator).