-
Notifications
You must be signed in to change notification settings - Fork 25
Usage
freefirex edited this page Jan 19, 2024
·
1 revision
This part assumes you've already set up your virtual env and run first time setup as outlined in the Getting started.
A video on basic module usage can be viewed here: EMBED VIDEO OF USEMODULE
Specula is driven via a cli interface using the python cmd.cmd module.
Tab completion is available for most options, and help for individual commands is available via help <cmd>
Double tab will show menu options in the context you currently are.
| Command | use |
|---|---|
| addblocklist | Adds a single IP to the active blocklist |
| approveAgent | Manually approves a given agent instead of having it approve after the configured validation count |
| clear | Clears the screen |
| dbedit | Allows manual modification of the sqlite db for an individual agent |
| generatehooker | Outputs a variety of scripts / artifacts that can be used to set up a specula agent on target |
| interact | Start tasking / getting results for an individual agent |
| listallq | Lists all tasking queues |
| log | Prints the main specula log file |
| payload | manage secondary server payload artifacts |
| pushover | manage pushover settings |
| runTaskBook | Execute a given taskbook on a given set of agents |
| updateSetting | Update a global setting |
| version | print the version |
| agents | list all agents from the database |
| blocklistAgent | adds a given agent to the blocklist |
| dbdata | Manually inspect the database |
| exit | Exit specula |
| listallowlist | print our allow list |
| listblocklist | print our block list |
| logo | Print that sweet sweet logo |
| prestage | submenu to generate a Key and a pre-aproved agent you can use to bypass the normal validation steps |
| resetdb | clear the database |
| settings | print the currently configured global settings |
| updatecodebase | re-imports all modules in the functions folder |
| Command | use |
|---|---|
| back | go up a menu entry |
| clearagentdata | Deletes the agents data in the agentdata folder |
| delete | Delete this agent completly from the database, will NOT delete data file in the agents_data folder |
| jitter | modify the jitter this agent uses in callback times |
| qdel | Delete a task for the task queue |
| refreshtime | modify the base time between callbacks before jitter |
| usemodule | open up a given modules menu |
| clear | clear the screen |
| data | print all responses from this agent |
| explorer | Open a basic file explorer on this agent |
| info | print basic info about this agent |
| pushnextcallback | trigger a pushover notification next time we get a callback from this agent |
| qlist | list the task queue for this agent |
| runTaskBook | run a task book on this agent |
| Command | use |
|---|---|
| add | host a payload |
| list | list hosted payloads and URI |
| remove | Remove a hosted payload |
| Command | use |
|---|---|
| addpushoverkey | Add another key to notify on events |
| changesubscription | toggle an event type to send notifications for |
| listpushoverkeys | list keys notifications are sent too |
| removepushoverkey | remove a key from receiving notifications |
| testpush | send a test message |
| Command | use |
|---|---|
| new | Create 1 or more prestaged agents, you can either do just new, or new 4 to create 4 prestaged at once |
| custom | Allows you to specify url's to use for a custom prestaged agent |
| list | Lists out all prestaged agents |