A command to run the Agent manually can be generated by the Island Server UI by
going to the "Run Monkey" -> "Manual" page.
Each Agent, when run, needs to authenticate with the Island using a one-time password (OTP). OTPs can be used exactly once and expire after 2 minutes. The commands on the "Run Monkey" -> "Manual" page are updated with a valid OTP each time a command is copied or the OTP expires.
Agent binaries can be downloaded by sending a
GET request to
[IP] stands for the IP
address of the Island Server and
[OS] is either
The Agent binary must begin with either the
m0nk3y flag is the standard way to run the Agent.
dr0pp3r flag invokes the Agent dropper. The dropper will move the Agent binary to a location provided with the
-l flag. Then, it will start the Agent with the
m0nk3y flag as a new process. Finally, the dropper will shut itself down. This flag is useful if you want to detach the Agent from an exploited service or parent process. It alleviates the need for the parent process to wait until the Agent finishes.
Updated 7 months ago