Vault7: CIA Hacking Tools Revealed
Navigation: » Latest version
Reforge
Reforge Language Rough Definition
Variable Types
Type | Syntax | Notes |
---|---|---|
int | int <name> = <value> |
|
str | str <name> = '<value>' |
|
list | list <name> = [v1,v2,v3,..] |
|
encrypted stream |
encryptedstream <name> = <path> encryptedstream <name> |
|
plaintext stream |
plaintextstream <name> = <path> plaintextstream <name> |
|
NOTES on Streams: streams are read/write. In-memory streams are cleared when their reference count drops to 0.
Changing a stream variable's file_path will close the stream and open a new one to the new path.
Core functions
Function | Description | Syntax | Notes |
---|---|---|---|
pause | pause execution for a specified number of seconds | pause <number_of_seconds> |
|
echo | echo a value to a file | echo <stream> <value> |
|
break | jump out of a for or while loop | break | |
continue | go to the end of a for or while loop and move to the next loop iteration | continue | |
for | Iterates over each item in a list and performs a series of operations |
for <var> in <list> { } for <var> in [v1,v2,v3,...] { } for <var> in <path> { } |
|
while |
Perform a number of operations while a condition is true | while( <condition>) { } |
|
if / if...else | Perform an operation if a condition is true other wise perform a different operation |
if( <condition> ) { } if( <condition> ) { } else { } |
|
add to list | append a value to the end of a list | add_to_list <list> <value> | |
remove from list | remove an item from a list | remove_from_list <list> <index> | |
pipe | output one stream to another | pipe <stream> <stream> | either <stream> can be plaintextstream or encryptedstream types |
Modules
Function | Description | Syntax | Notes |
---|---|---|---|
remove | securely deletes a file | remove <path> |
|
dirlist | performs a dir walk starting at the specified location | dirlist <starting_path> <stream> |
|
archive | add a file to a zip/rar archive |
archive <archive_file> <file_to_add> archive <archive_file> <list of files to add> |
|
unpack | unpacks another executable from the ReForge package to a specified location on the target | unpack <local path to executable> <target extraction path> |
|
netstat | perfrom a netstat | netstat <stream> |
|
process list | get a process list | proclist <stream> |
|
registry | set, edit, or delete a registry key | registry <operation> <key> <type> <value> |
|
enzip | compress and encrypt a file | enzip <input file> <output file> |
|
run | run a system command or executable and wait for its completion | run <cmd> <stream> |
|
start | run a system command or executable but don't wait for its completion | start <cmd> |
|
Arithmetic and Comparison operators
Operator | Description |
---|---|
+ | add two numbers or append two strings |
- | subtract two numbers |
/ | divide two numbers |
% | get the remander from the division of two numbers |
* | multiply two numbers |
< | less than comparison operator |
<= |
less than or equal to comparison operator |
> | greater than comparison operator |
>= | greater than or equal to comparison operator |
== | equals comparison operator |
!= | not equals comparison operator |
# | comment |
Environment Variables
Name | Description |
---|---|
env.stdout | reserved stream name to output to stdout |
env.stdin | reserved stream to get data from stdin |
env.stderr | reserved stream to output to stderr |
env.temp | represents the path to the target's temp directory |
env.computername | represents the target computers name |
env.windir | represents the target's path to system32 |
env.systemroot | represents the target's path to the root drive |
env.path | represents the value of the target's path. |