Created
September 1, 2017 16:56
-
-
Save rsmudge/4c565c77787fed7040521b1b8de48049 to your computer and use it in GitHub Desktop.
Override default file browser popup in Cobalt Strike to prompt user when they try to delete a file.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # | |
| # safe delete in file browser right-click menu | |
| # | |
| popup_clear("filebrowser"); | |
| popup filebrowser { | |
| item "&Download" { | |
| local('$file'); | |
| foreach $file ($3) { | |
| bdownload($1, "$2 $+ \\ $+ $file"); | |
| } | |
| } | |
| item "&Execute" { | |
| prompt_text("Arguments?", "", lambda({ | |
| foreach $file ($files) { | |
| bexecute($bid, "$folder $+ \\ $+ $file" . iff($1 ne "", " $1")); | |
| } | |
| }, $bid => $1, $folder => $2, $files => $3)); | |
| } | |
| separator(); | |
| item "D&elete" { | |
| prompt_confirm("Do you really want to delete stuff", "Safety Check", lambda({ | |
| local('$file'); | |
| foreach $file ($files) { | |
| brm($bid, "$folder $+ \\ $+ $file"); | |
| } | |
| # force a refresh on the file browser. | |
| [$browser ls: $folder]; | |
| }, $bid => $1, $folder => $2, $files => $3, $browser => $4)); | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment