Created
February 19, 2016 16:24
-
-
Save rsmudge/c61683d57e94d04c862c to your computer and use it in GitHub Desktop.
Aggressor Script IRC Example
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# | |
# Quick/Dirty IRC Library for use with Aggressor Script | |
# https://www.cobaltstrike.com/aggressor-script/index.html | |
# | |
# irc_close($handle); | |
sub irc_close { | |
println($1, "QUIT :Good bye!"); | |
closef($1); | |
} | |
# irc_join($handle, "#armitage"); | |
sub irc_join { | |
println($1, "JOIN $2"); | |
} | |
# irc_msg($handle, "#armitage", "Hello World"); | |
sub irc_msg { | |
println($1, "PRIVMSG $2 : $+ $3"); | |
} | |
# $handle = irc_connect("irc.freenode.net", 6667, "CobaltStrikeBot"); | |
sub irc_connect { | |
local('$handle'); | |
$handle = connect($1, $2); | |
fork({ | |
local('$temp'); | |
println($handle, "USER a b c :Cobalt Strike Bot"); | |
println($handle, "NICK $nick"); | |
while $temp (readln($handle)) { | |
# keep this IRC connection alive | |
if ("PING*" iswm $temp) { | |
println($handle, "PONG " . substr($temp, 5)); | |
} | |
# extract channel messages | |
else if ($temp ismatch ":(.*?)!.* PRIVMSG (#.*?) :(.*)") { | |
local('$from $channel $message'); | |
($from $channel, $message) = matched(); | |
fireEvent("irc_public", $handle, $from, $channel, $message); | |
} | |
# fire an event for everything else.. | |
else { | |
fireEvent("irc_other", $handle, "$temp"); | |
} | |
} | |
}, \$handle, $nick => $3); | |
return $handle; | |
} | |
# | |
# example... | |
# | |
on irc_public { | |
local('$handle $from $channel $text'); | |
($handle, $from, $channel, $text) = @_; | |
#println("< $from $+ : $+ channel $+ > $text"); | |
if ($text eq "!test") { | |
irc_msg($handle, $channel, "I am responding to !test from $from"); | |
} | |
else if ($text eq "!quit") { | |
irc_msg($handle, $channel, "Good bye!"); | |
irc_close($handle); | |
} | |
} | |
on irc_other { | |
local('$handle $text'); | |
($handle, $text) = @_; | |
#println($text); | |
# End of /MOTD command is a good time for an auto-join | |
if (":* 376 * :*" iswm $text) { | |
irc_join($handle, "#test_cobalt"); | |
} | |
} | |
$handle = irc_connect("irc.freenode.net", 6667, "CobaltStrikeBot"); |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment