Changelog

HuskyHacks edited this page Mar 12, 2022 · 13 revisions

Changelog for OffensiveNotion

v1.0.0 "Iron Age"

Released!

v1.0.0 - "Iron Age"

MUST

Done

Documentation

  • Quickstart
  • Install
  • Agent interaction
    • Commands
    • Linux commands
    • Windows commands

Misc

  • YARA Rules

Setup

  • Python Setup Script for config options
  • Dynamic Docker container spin up/tear down for agent generation
  • Parse args for Docker build options

Agent

  • Commands:
    • shell
    • cd
    • download
    • ps
    • pwd
    • save
    • shutdown
    • sleep [#] to adjust callback

SHOULD

Done

Agent

  • Jitter interval for callback time

  • Commands:

    • getprivs
    • sleep [#][%] to adjust callback and jitter
    • portscan
  • Linux elevate sudo

  • Windows elevate fodhelper

  • Linux persist bashrc

  • Linux persist cron

  • Linux persist service

  • Windows inject

  • Windows persist startup

  • Windows persist registry

  • Persist:

    • Windows persist schtasks
    • (Bonus) wmic

COULD

Done

  • Compiles with Notion icon
  • Mirror the notion.ico file 😈 (slightly red tint to logo)
  • "Web delivery" via Flask and one-liner for remote download/exec (https://www.offensive-security.com/metasploit-unleashed/web-delivery/)
  • Agent checks in by POSTing hostname and username to the page title, with an asterisk if in an admin context (getprivs at check-in)
  • Agent can spawn a Notion.so page in kiosk mode at startup

For Next Release

  • Linux persist rc.local
  • Linux inject (more of a shellcode runner than injection)
  • Windows runas (SCshell)
  • Windows inject-assembly (⚠️ large lift ⚠️)
  • (Bonus) Windows persist comhijack
  • (Bonus) Windows persist xll