Use proper type for PPID flag, add ppid + process args to sideload

BishopFox · Sep 6, 2022 · 7d8457d · 7d8457d
1 parent 9dd5dd9
commit 7d8457d
Show file tree

Hide file tree

Showing 2 changed files with 5 additions and 1 deletion.
diff --git a/client/command/exec/execute-assembly.go b/client/command/exec/execute-assembly.go
@@ -90,7 +90,7 @@ func ExecuteAssemblyCmd(ctx *grumble.Context, con *console.SliverConsoleClient)
 		ClassName:   ctx.Flags.String("class"),
 		AppDomain:   ctx.Flags.String("app-domain"),
 		ProcessArgs: processArgs,
-		PPid:        uint32(ctx.Flags.Int("ppid")),
+		PPid:        uint32(ctx.Flags.Uint("ppid")),
 		Runtime:     runtime,
 		EtwBypass:   etwBypass,
 		AmsiBypass:  amsiBypass,

diff --git a/client/command/exec/sideload.go b/client/command/exec/sideload.go
@@ -50,6 +50,8 @@ func SideloadCmd(ctx *grumble.Context, con *console.SliverConsoleClient) {
 		con.PrintErrorf("%s", err.Error())
 		return
 	}
+	processArgsStr := ctx.Flags.String("process-arguments")
+	processArgs := strings.Split(processArgsStr, " ")
 	isDLL := (filepath.Ext(binPath) == ".dll")
 	ctrl := make(chan bool)
 	con.SpinUntil(fmt.Sprintf("Sideloading %s ...", binPath), ctrl)
@@ -62,6 +64,8 @@ func SideloadCmd(ctx *grumble.Context, con *console.SliverConsoleClient) {
 		Kill:        !ctx.Flags.Bool("keep-alive"),
 		IsDLL:       isDLL,
 		IsUnicode:   ctx.Flags.Bool("unicode"),
+		PPid:        uint32(ctx.Flags.Uint("ppid")),
+		ProcessArgs: processArgs,
 	})
 	ctrl <- true
 	<-ctrl