-
Notifications
You must be signed in to change notification settings - Fork 27
Module Types
Input modules are responsible for taking either generating or processing input that must be passed into the rendered payload.
There are currently two types of input modules:
- EKeys (Encryption Keys) - These modules are used to derive payload encryption keys
- Crypters - These modules are used to encrypt the payload's shellcode using key data provided by the EKey modules
All Input Modules must have at least one corresponding output module, as they perform some action that must either be repeated (e.g. key derivation) or reversed (e.g. encryption) by the payload on the target system.
Output modules are used for rendering individual components of the generated payload. Some output modules are designed to be used with a corresponding input modules. Examples of these include:
- DKeys - Used to render a key derivation function. Must be used with a compatible EKey input module.
- Decrypters - Used to decrypt ciphertext into plaintext data. Must be used with a compatible Crypter input module.
Others are standalone modules that do not need an input module to function properly. Some examples of standalone output modules are:
- Executors - renders the function that executes raw shellcode
- PreModules / PostModules - executes some action before or after main payload execution
All output modules have the following attributes, which are made accessible to the Interface:
- List of symbol names to be mutated
- List of imports
- The path to the component's Jinja template
- Data Transfer Container (DTC)
The list of symbol names is passed to the Interface, which mutates them using whatever Mutator module has been selected by the user. The Interface then provides the Output Module any external data it may require by placing it in the DTC. If the Output Module relies on symbol names from other modules, these are passed through the Output Module's DTC as well. Finally, the Interface renders the output module, at which point the mutated symbols and DTC data is incorporated into the Output Module's Jinja template.