/**
* Token operation-related MCP tools
*/
import { Tool } from '@modelcontextprotocol/sdk/types.js';
import { CobaltStrikeClient } from '../api/client.js';
/**
 * Build the MCP tool definitions for beacon token operations.
 *
 * Every tool takes the target `beaconId`; process-oriented tools add a `pid`,
 * token-store tools a `tokenId`, and the make-token tools their credential
 * fields. Shared schema fragments come from small factories so the repeated
 * definitions cannot drift apart, and each call returns fresh objects.
 *
 * @param client API client; accepted for the shared factory signature but not
 *   referenced by this function.
 * @returns The token tool definitions, in registration order.
 */
export function createTokenTools(client: CobaltStrikeClient): Tool[] {
  // --- schema fragments (fresh object per call, never shared between tools) ---
  const stringProp = (description: string, extra: Record<string, unknown> = {}) => ({
    type: 'string',
    description,
    ...extra,
  });
  const beaconProp = () => stringProp('The ID of the beacon');
  const pidProp = () => ({
    type: 'number',
    description: 'Process ID to steal token from',
    minimum: 0,
  });

  // --- tool definition factories ---
  const tool = (
    name: string,
    description: string,
    properties: Record<string, unknown>,
    required: string[]
  ): Tool => ({
    name,
    description,
    inputSchema: { type: 'object', properties, required },
  });
  const beaconOnly = (name: string, description: string): Tool =>
    tool(name, description, { beaconId: beaconProp() }, ['beaconId']);
  const withPid = (name: string, description: string): Tool =>
    tool(name, description, { beaconId: beaconProp(), pid: pidProp() }, ['beaconId', 'pid']);
  const withTokenId = (name: string, description: string, tokenDescription: string): Tool =>
    tool(
      name,
      description,
      { beaconId: beaconProp(), tokenId: stringProp(tokenDescription) },
      ['beaconId', 'tokenId']
    );

  return [
    withPid('execute_steal_token', 'Steal a token from a process'),
    tool(
      'execute_make_token',
      'Make a token using logon credentials',
      {
        beaconId: beaconProp(),
        domain: stringProp('Domain name'),
        username: stringProp('Username'),
        password: stringProp('Password'),
      },
      ['beaconId', 'domain', 'username', 'password']
    ),
    beaconOnly('execute_rev2self', 'Revert to self (drop impersonated token)'),
    tool(
      'execute_get_system',
      'Get SYSTEM privileges',
      {
        beaconId: beaconProp(),
        // `enum` restricts the value; the description merely echoes the choices.
        technique: stringProp('Technique to use (e.g., "token", "namedpipe")', {
          enum: ['token', 'namedpipe'],
        }),
      },
      ['beaconId']
    ),
    beaconOnly('execute_get_privs', 'Get current privileges'),
    withTokenId('execute_tokenStore_use', 'Use a token from the token store', 'Token ID from the store'),
    withPid('execute_tokenStore_steal', 'Steal a token and add it to the token store'),
    withPid('execute_tokenStore_stealAndUse', 'Steal a token and immediately use it'),
    withTokenId('execute_tokenStore_remove', 'Remove a token from the token store', 'Token ID to remove'),
    beaconOnly('execute_tokenStore_removeAll', 'Remove all tokens from the token store'),
    tool(
      'execute_make_token_upn',
      'Make a token using UPN (User Principal Name)',
      {
        beaconId: beaconProp(),
        upn: stringProp('User Principal Name (e.g., user@domain.com)'),
        password: stringProp('Password'),
      },
      ['beaconId', 'upn', 'password']
    ),
  ];
}
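/** Argument bag as received from the MCP caller, after the object check. */
type ToolArgs = Record<string, unknown>;

/** Submits one token command and yields `[taskId, status message]`. */
type TokenToolHandler = (
  a: ToolArgs,
  client: CobaltStrikeClient
) => Promise<readonly [unknown, string]>;

/** Values accepted for the optional `technique` of `execute_get_system`, as declared in its inputSchema. */
const GET_SYSTEM_TECHNIQUES = ['token', 'namedpipe'] as const;

/**
 * Narrow the raw argument value to a string-keyed object.
 * @throws Error when `args` is null or not an object.
 */
function asToolArgs(args: unknown): ToolArgs {
  if (typeof args !== 'object' || args === null) {
    throw new Error('Token tool arguments must be an object');
  }
  return args as ToolArgs;
}

/**
 * Read a required string argument (schema `type: 'string'`).
 * @throws Error when the field is missing or not a string.
 */
function requireString(a: ToolArgs, key: string): string {
  const value = a[key];
  if (typeof value !== 'string') {
    throw new Error(`Argument '${key}' must be a string`);
  }
  return value;
}

/**
 * Read the required `pid` argument (schema `type: 'number', minimum: 0`).
 * Process ids are whole numbers, so non-integers are rejected as well.
 * @throws Error when the field is missing, not an integer, or negative.
 */
function requirePid(a: ToolArgs): number {
  const value = a.pid;
  if (typeof value !== 'number' || !Number.isInteger(value) || value < 0) {
    throw new Error("Argument 'pid' must be an integer >= 0");
  }
  return value;
}

/**
 * Read the optional `technique` argument, restricted to the schema's enum.
 * @returns The technique, or `undefined` when the caller omitted it.
 * @throws Error when a value is present but not one of the allowed techniques.
 */
function optionalTechnique(a: ToolArgs): string | undefined {
  const value = a.technique;
  if (value === undefined) {
    return undefined;
  }
  if (typeof value !== 'string' || !(GET_SYSTEM_TECHNIQUES as readonly string[]).includes(value)) {
    throw new Error(`Argument 'technique' must be one of: ${GET_SYSTEM_TECHNIQUES.join(', ')}`);
  }
  return value;
}

/**
 * Tool name -> handler. A Map rather than a plain object, so a name such as
 * "constructor" cannot resolve to an inherited prototype member.
 * Each handler validates exactly the fields its inputSchema declares before
 * forwarding them to the client.
 */
const TOKEN_TOOL_HANDLERS: ReadonlyMap<string, TokenToolHandler> = new Map<string, TokenToolHandler>([
  [
    'execute_steal_token',
    async (a, client) =>
      [await client.executeStealToken(requireString(a, 'beaconId'), requirePid(a)), 'Steal token command submitted'] as const,
  ],
  [
    'execute_make_token',
    async (a, client) =>
      [
        await client.executeMakeToken(
          requireString(a, 'beaconId'),
          requireString(a, 'domain'),
          requireString(a, 'username'),
          requireString(a, 'password')
        ),
        'Make token command submitted',
      ] as const,
  ],
  [
    'execute_rev2self',
    async (a, client) =>
      [await client.executeRev2Self(requireString(a, 'beaconId')), 'Rev2self command submitted'] as const,
  ],
  [
    'execute_get_system',
    async (a, client) =>
      [
        await client.executeGetSystem(requireString(a, 'beaconId'), optionalTechnique(a)),
        'Get system command submitted',
      ] as const,
  ],
  [
    'execute_get_privs',
    async (a, client) =>
      [await client.executeGetPrivs(requireString(a, 'beaconId')), 'Get privileges command submitted'] as const,
  ],
  [
    'execute_tokenStore_use',
    async (a, client) =>
      [
        await client.executeTokenStoreUse(requireString(a, 'beaconId'), requireString(a, 'tokenId')),
        'Use token command submitted',
      ] as const,
  ],
  [
    'execute_tokenStore_steal',
    async (a, client) =>
      [
        await client.executeTokenStoreSteal(requireString(a, 'beaconId'), requirePid(a)),
        'Steal token to store command submitted',
      ] as const,
  ],
  [
    'execute_tokenStore_stealAndUse',
    async (a, client) =>
      [
        await client.executeTokenStoreStealAndUse(requireString(a, 'beaconId'), requirePid(a)),
        'Steal and use token command submitted',
      ] as const,
  ],
  [
    'execute_tokenStore_remove',
    async (a, client) =>
      [
        await client.executeTokenStoreRemove(requireString(a, 'beaconId'), requireString(a, 'tokenId')),
        'Remove token command submitted',
      ] as const,
  ],
  [
    'execute_tokenStore_removeAll',
    async (a, client) =>
      [await client.executeTokenStoreRemoveAll(requireString(a, 'beaconId')), 'Remove all tokens command submitted'] as const,
  ],
  [
    'execute_make_token_upn',
    async (a, client) =>
      [
        await client.executeMakeTokenUPN(
          requireString(a, 'beaconId'),
          requireString(a, 'upn'),
          requireString(a, 'password')
        ),
        'Make token (UPN) command submitted',
      ] as const,
  ],
]);

/**
 * Dispatch a token-tool call to the matching client method.
 *
 * `args` comes from the MCP caller and is treated as untrusted input: the
 * fields each tool needs are type-checked against the declared `inputSchema`
 * before they are forwarded, so a malformed request fails fast with a clear
 * error instead of reaching the client as `undefined` or a wrong-typed value.
 *
 * @param name   Tool name, one of those produced by `createTokenTools`.
 * @param args   Raw tool arguments; must be a plain object.
 * @param client Client that submits the command and returns a task id.
 * @returns Pretty-printed JSON `{ taskId, message }` for the submitted command.
 * @throws Error when `name` is not a token tool, or a required argument is
 *   missing, mistyped, or outside its declared range/enum.
 */
export async function handleTokenTool(
  name: string,
  args: unknown,
  client: CobaltStrikeClient
): Promise<string> {
  const handler = TOKEN_TOOL_HANDLERS.get(name);
  if (handler === undefined) {
    throw new Error(`Unknown token tool: ${name}`);
  }
  // The tool name is checked first, so an unknown tool is reported before any
  // argument is inspected; argument validation lives inside the handler.
  const [taskId, message] = await handler(asToolArgs(args), client);
  return JSON.stringify({ taskId, message }, null, 2);
}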