Stager Templates

Get Stager Templates

get

Responses

200

Successful Response

application/json

400

Bad request

application/json

404

Not found

application/json

get

/api/v2/stager-templates

HTTPcURLJavaScriptPython

GET /api/v2/stager-templates HTTP/1.1
Accept: */*

{
  "records": [
    {
      "authors": [
        "@harmj0y"
      ],
      "comments": [
        ""
      ],
      "description": "Generates a one-liner stage0 launcher for Empire.",
      "id": "multi_launcher",
      "name": "Launcher",
      "options": {
        "Base64": {
          "depends_on:": [],
          "description": "Switch. Base64 encode the output.",
          "internal": false,
          "required": true,
          "strict": true,
          "suggested_values": [
            "True",
            "False"
          ],
          "value": "True"
        },
        "Bypasses": {
          "depends_on:": [],
          "description": "Bypasses as a space separated list to be prepended to the launcher",
          "internal": false,
          "required": false,
          "strict": false,
          "suggested_values": [],
          "value": ""
        },
        "Language": {
          "depends_on:": [],
          "description": "Language of the stager to generate.",
          "internal": false,
          "required": true,
          "strict": true,
          "suggested_values": [
            "powershell",
            "python"
          ],
          "value": "powershell"
        },
        "Listener": {
          "depends_on:": [],
          "description": "Listener to generate stager for.",
          "internal": false,
          "required": true,
          "strict": false,
          "suggested_values": [],
          "value": ""
        },
        "Obfuscate": {
          "depends_on:": [],
          "description": "Switch. Obfuscate the launcher powershell code, uses the ObfuscateCommand for obfuscation types. For powershell only.",
          "internal": false,
          "required": false,
          "strict": true,
          "suggested_values": [
            "True",
            "False"
          ],
          "value": "False"
        },
        "ObfuscateCommand": {
          "depends_on:": [],
          "description": "The Invoke-Obfuscation command to use. Only used if Obfuscate switch is True. For powershell only.",
          "internal": false,
          "required": false,
          "strict": false,
          "suggested_values": [],
          "value": "Token\\All\\1"
        },
        "OutFile": {
          "depends_on:": [],
          "description": "Filename that should be used for the generated output.",
          "internal": false,
          "required": false,
          "strict": false,
          "suggested_values": [],
          "value": ""
        },
        "Proxy": {
          "depends_on:": [],
          "description": "Proxy to use for request (default, none, or other).",
          "internal": false,
          "required": false,
          "strict": false,
          "suggested_values": [],
          "value": "default"
        },
        "ProxyCreds": {
          "depends_on:": [],
          "description": "Proxy credentials ([domain\\]username:password) to use for request (default, none, or other).",
          "internal": false,
          "required": false,
          "strict": false,
          "suggested_values": [],
          "value": "default"
        },
        "SafeChecks": {
          "depends_on:": [],
          "description": "Switch. Checks for LittleSnitch or a SandBox, exit the staging process if True. Defaults to True.",
          "internal": false,
          "required": true,
          "strict": true,
          "suggested_values": [
            "True",
            "False"
          ],
          "value": "True"
        },
        "StagerRetries": {
          "depends_on:": [],
          "description": "Times for the stager to retry connecting.",
          "internal": false,
          "required": false,
          "strict": false,
          "suggested_values": [],
          "value": "0"
        },
        "UserAgent": {
          "depends_on:": [],
          "description": "User-agent string to use for the staging request (default, none, or other).",
          "internal": false,
          "required": false,
          "strict": false,
          "suggested_values": [],
          "value": "default"
        }
      }
    }
  ]
}

Get Stager Template

get

Path parameters

uidstringRequired

Responses

200

Successful Response

application/json

400

Bad request

application/json

404

Not found

application/json

422

Validation Error

application/json

get

/api/v2/stager-templates/{uid}

HTTPcURLJavaScriptPython

GET /api/v2/stager-templates/{uid} HTTP/1.1
Accept: */*

{
  "authors": [
    "@harmj0y"
  ],
  "comments": [
    ""
  ],
  "description": "Generates a one-liner stage0 launcher for Empire.",
  "id": "multi_launcher",
  "name": "Launcher",
  "options": {
    "Base64": {
      "depends_on:": [],
      "description": "Switch. Base64 encode the output.",
      "internal": false,
      "required": true,
      "strict": true,
      "suggested_values": [
        "True",
        "False"
      ],
      "value": "True"
    },
    "Bypasses": {
      "depends_on:": [],
      "description": "Bypasses as a space separated list to be prepended to the launcher",
      "internal": false,
      "required": false,
      "strict": false,
      "suggested_values": [],
      "value": ""
    },
    "Language": {
      "depends_on:": [],
      "description": "Language of the stager to generate.",
      "internal": false,
      "required": true,
      "strict": true,
      "suggested_values": [
        "powershell",
        "python"
      ],
      "value": "powershell"
    },
    "Listener": {
      "depends_on:": [],
      "description": "Listener to generate stager for.",
      "internal": false,
      "required": true,
      "strict": false,
      "suggested_values": [],
      "value": ""
    },
    "Obfuscate": {
      "depends_on:": [],
      "description": "Switch. Obfuscate the launcher powershell code, uses the ObfuscateCommand for obfuscation types. For powershell only.",
      "internal": false,
      "required": false,
      "strict": true,
      "suggested_values": [
        "True",
        "False"
      ],
      "value": "False"
    },
    "ObfuscateCommand": {
      "depends_on:": [],
      "description": "The Invoke-Obfuscation command to use. Only used if Obfuscate switch is True. For powershell only.",
      "internal": false,
      "required": false,
      "strict": false,
      "suggested_values": [],
      "value": "Token\\All\\1"
    },
    "OutFile": {
      "depends_on:": [],
      "description": "Filename that should be used for the generated output.",
      "internal": false,
      "required": false,
      "strict": false,
      "suggested_values": [],
      "value": ""
    },
    "Proxy": {
      "depends_on:": [],
      "description": "Proxy to use for request (default, none, or other).",
      "internal": false,
      "required": false,
      "strict": false,
      "suggested_values": [],
      "value": "default"
    },
    "ProxyCreds": {
      "depends_on:": [],
      "description": "Proxy credentials ([domain\\]username:password) to use for request (default, none, or other).",
      "internal": false,
      "required": false,
      "strict": false,
      "suggested_values": [],
      "value": "default"
    },
    "SafeChecks": {
      "depends_on:": [],
      "description": "Switch. Checks for LittleSnitch or a SandBox, exit the staging process if True. Defaults to True.",
      "internal": false,
      "required": true,
      "strict": true,
      "suggested_values": [
        "True",
        "False"
      ],
      "value": "True"
    },
    "StagerRetries": {
      "depends_on:": [],
      "description": "Times for the stager to retry connecting.",
      "internal": false,
      "required": false,
      "strict": false,
      "suggested_values": [],
      "value": "0"
    },
    "UserAgent": {
      "depends_on:": [],
      "description": "User-agent string to use for the staging request (default, none, or other).",
      "internal": false,
      "required": false,
      "strict": false,
      "suggested_values": [],
      "value": "default"
    }
  }
}