AxFunction
Data Model
agents
Get information about all agents calling back to this Adaptix teamserver.
AGENT[id] ax.agents();// AGENT STRUCT
string agent["id"]
string agent["type"]
string agent["listener"]
string agent["external_ip"]
string agent["internal_ip"]
string agent["domain"]
string agent["computer"]
string agent["username"]
string agent["impersonated"]
string agent["process"]
string agent["arch"]
int agent["pid"]
int agent["tid"]
int agent["gmt"]
bool agent["elevated"]
string agent["tags"]
bool agent["async"]
int agent["sleep"]
string agent["os_full"]Example
var agents = ax.agents();
for (var id in agents) {
ax.log("Agent ID: " + id);
var agent = agents[id];
for (var key in agent) {
ax.log(" " + key + ": " + agent[key]);
}
}
credentials
Returns a list of credentials.
CRED[id] ax.credentials()// CRED STRUCT
cred["id"]
cred["username"]
cred["password"]
cred["realm"]
cred["type"]
cred["tag"]
cred["date"]
cred["storage"]
cred["agent_id"]
cred["host"]Example
var creds = ax.credentials();
for (var id in creds) {
ax.log("Cred ID: " + id);
var cred = creds[id];
for (var key in cred) {
ax.log(" " + key + ": " + cred[key]);
}
}
Functions
The following is a list of AxScript's functions:
agents
agent_info
Get information from a agent session's metadata.
any ax.agent_info(string id, string property)id- agent IDproperty- CRED property (see here)
agent_set_color
Set color for agent's item in Session Table
void ax.agent_set_color(string[] ids, string background, string foreground, bool reset);ids- array of agent idsbackground- item background color in hex RGBforeground- item text color in hex RGBreser- if true, reset the color to default
agent_set_impersonate
Set impersonate for agent's item in Session Table
void ax.agent_set_impersonate(string id, string impersonate, bool elevated);id- agent IDimpersonate- impersonated userelevated- is impersonated user elevated
agent_set_mark
Set mark for agent's item in Session Table
void ax.agent_set_mark(string id, string mark);id- agent IDmark- agent's mark ("Terminated", "Inactive", "Disconnect", empty "" for active).
agent_set_tag
Set tag for agent's item in Session Table
void ax.agent_set_tag(string id, string tag);id- agent IDtag- agent's tag
arch
Returns the architecture of agent session (e.g., x86 or x64)
string ax.arch(string id);id- agent ID
bof_pack
Pack arguments in a way that's suitable for BOF APIs to unpack. To transmit binary data to the server, the function will encode it in base64.
string ax.bof_pack(string types, any[] args);types- a set of comma separated string types for BOF's argumentsargs- array of BOF's arguments
bytes
binary data
BeaconDataExtract
int
4-byte integer
BeaconDataInt
short
2-byte short integer
BeaconDataShort
cstr
zero-terminated+encoded string
BeaconDataExtract
wstr
zero-terminated wide-char string
(wchar_t *)BeaconDataExtract
copy_to_clipboard
Copy text to client's clipboard.
void ax.copy_to_clipboard(string text);console_message
Print an output message and text to the agent console.
void ax.console_message(string id, string message, string type = "", string text = "");id- agent IDmessage- brief messagetype- message type ("info", "success", or "error")text- text output
Example
ax.console_message("47ca27cf", "Info message\n", "info", "This is\nmulti line\ntext");
ax.console_message("47ca27cf", "Error message\n", "error");
credentials
credentials_add
Save the specified credentials in Credentials Manager
void ax.credentials_add(string username, string password, string realm = "", string type = "password", string tag = "", string storage = "manual", string host = "");username- creds usernamepassword- creds secretrealm- creds domain/realmtype- creds type (possible "password", "hash", "rc4", "aes128", "aes256", "token")tag- creds tagstorage- creds container (possible "browser", "dpapi", "database", "sam", "lsass", "ntds", "manual")host- the host where the credentials were stored
create_command
create_commands_group
execute_alias
execute_browser
execute_command
file_basename
Returns the filename
string ax.file_basename(string path);path- full filename
file_exists
Checks if a file exists
bool ax.file_exists(string path);path- full filename
file_read
Reads a file and returns base64 encoded contents
string ax.file_read(string path);path- full filename
format_time
Convert UNIX Epoch Time to date/time string value.
string ax.format_time(string format, int unixtime);format- datetime format (e.g. "dd/MM/yyyy hh:mm:ss")unixtime- UNIX Epoch Time value
interfaces
Returns a list of network interfaces of the teamserver
string[] ax.interfaces()
is64
Check if a session is on an x64 system or not
bool ax.is64(string id);id- agent ID
isadmin
Check if a session has admin rights
bool ax.isadmin(string id);id- agent ID
log / log_error
Print text to AxScript Console.
void ax.log(string text);
void ax.log_error(string text);
open_agent_console
Open the console to interact with a agent
void ax.open_agent_console(string id);id- agent ID
open_access_tunnel
Open the tunnel creation dialog window
void ax.open_access_tunnel(string id, bool socks4, bool socks5, bool lportfwd, bool rportfwd);id- agent IDsocks4- is agent support socks4socks5- is agent support socks5lportfwd- is agent support local port forwardingrportfwd- is agent support reverse port forwarding
open_browser_files
Open the File Browser for a agent
void ax.open_browser_files(string id);id- agent ID
open_browser_process
Open the Process Browser for a agent
void ax.open_browser_process(string id);id- agent ID
open_remote_terminal
Open the Interactive Terminal for a agent
void ax.open_remote_terminal(string id);id- agent ID
prompt_open_file
Show a file open dialog.
string prompt_open_file(string caption = "Select file", string filter = "");caption- title of the dialogfilter- filter for selecting files
prompt_open_dir
Show a directory open dialog.
string prompt_open_dir(string caption = "Select directory");caption- title of the dialog
prompt_save_file
Show a file save dialog.
string prompt_save_file(string filename, string caption = "Select file", string filter = "");filename- default filenamecaption- title of the dialogfilter- filter for selecting files
register_commands_group
script_import
Import AxScript script into current script's env.
string script_import(string path);path- path to script file
script_load
Load a new script to AxScript Manager
string script_load(string path);path- path to script file
script_unload
Unload a script from the AxScript Manager
string script_unload(string path);path- path to script file
script_dir
Returns the directory where the script is located.
string script_dir();show_message
Shows a message to the user in a dialog box. Use this function to relay information.
void show_message(string title, string text);title- title of the dialogtext- the message text
ticks
UNIX Epoch Time value
int ticks();Last updated