filesfolder. The green checkmark means that an agent reported back information for that folder specifically (i.e. somebody tasked an
lsof that folder or issued a
listcommand via the button on the table side). This is in contrast the other folders in that tree - those folders are "implicitly" known because we have the full path returned for the folder we did access. If there is a red circle with an exclamation point, it means that you tried to perform an
lson the directory, but it failed.
hostnameassociated with the file path. This will default to the host associated with the path, but can be changed separately to allow list of hosts not currently in the view.
pathassociated with the information below. If you haven't received any information from any agent yet or you haven't clicked on a path, this will default to the current directory
listbutton. This looks at the far right hand side Callback number, finds the associated payload type, then looks for the command with
true. Then issues that command with the
pathshown in the first two fields. If you want to list the contents of a directory that you can't see in the UI, just modify these two values and hit
uploadbutton. This will look for the
is_uploadfield for the payload type associated with the identified Callback and execute that command. In most cases this will cause a popup dialog where you can upload your file.
Callbackfield. As you browse this data, it's aggregated across all of the callbacks and hosts that are reporting data back. Therefore, you might have some information from Callback 1, some from Callback 15, etc. When you click on a file or folder, this value will change to the Callback where the data came from.
View Permissionsaction will display a popup with more specific information.
Download Historybutton will display information about all the times that file has been downloaded. This is useful when you repeatedly download the same file over and over again (ex: downloading a user's Chrome Cookie's file every day). If you've downloaded a file, there will be a green download icon next to the filename. This will always point to the latest version of the file, but you can use the
download historyoption to view all other instances in an easy pane. This popup will also show the comments associated with the tasks that issued the download commands.