georgeneokq / artifact-exterminator

Simple, flexible command-line tool for conducting anti-forensics (for research purposes only)

Specify HTTP endpoint as kill switch to perform cleanup #16

Closed georgeneokq closed 1 year ago

georgeneokq commented 1 year ago

Example command to test kill switch, with a socket locally hosted on port 8080:

```
.\artifact-exterminator.exe -f calc.exe --killswitch-ip 127.0.0.1 --killswitch-port 8080 --killswitch-poll 3
```

The program will start polling for the kill switch after the child process is closed. To start polling, you'll have to first kill the calculator app.

Example Python code for hosting a kill switch which automatically activates after 6 seconds:

```python
import socket
from time import sleep

HOST = "127.0.0.1"
PORT = 8080

# Sends '1' to the client socket after n iterations of sending data
SET_KILL_SWITCH_AFTER_ITERATIONS = 6

def main():
  with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
    s.bind((HOST, PORT))
    # listen() only needs to be called once, before the accept loop
    s.listen()
    while True:
      # Reset the counter for every new client connection
      iterations = 0
      print(f"Listening for new connection on {HOST}:{PORT}.")
      conn, addr = s.accept()
      with conn:
        print(f"Connected by {addr}")
        while True:
          # b'0' = kill switch not yet set, b'1' = kill switch activated
          data = b'1' if iterations >= SET_KILL_SWITCH_AFTER_ITERATIONS else b'0'
          try:
            conn.send(data)
            sleep(1)
            iterations += 1
          except OSError:
            # send() raises once the client has closed or reset the connection;
            # catching OSError only keeps Ctrl+C able to stop the server
            print("Connection aborted by client, listening for new connection.")
            break

if __name__ == '__main__':
  main()
```
georgeneokq commented 1 year ago

Will close this issue as the kill switch feature is complete, and the example Python script for hosting the kill switch has been added to the project. The example command for testing the kill switch will be added to the documentation as well.
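From the detection side, the fixed `--killswitch-poll` interval discussed in this issue leaves a timing pattern in connection telemetry. The sketch below is an added example, not code from the project. It assumes each poll opens a new outbound connection (the page does not say how the client polls) and uses constructed log records; the function name and thresholds are hypothetical.

```python
from collections import defaultdict
from statistics import mean, pstdev

# Constructed connection records, not taken from the page:
# (epoch seconds, process image, destination IP, destination port)
SAMPLE_LOG = [
    (100.00, "artifact-exterminator.exe", "127.0.0.1", 8080),
    (103.02, "artifact-exterminator.exe", "127.0.0.1", 8080),
    (106.01, "artifact-exterminator.exe", "127.0.0.1", 8080),
    (109.03, "artifact-exterminator.exe", "127.0.0.1", 8080),
    (112.00, "artifact-exterminator.exe", "127.0.0.1", 8080),
    (115.02, "artifact-exterminator.exe", "127.0.0.1", 8080),
    (100.0, "browser.exe", "192.0.2.10", 443),
    (101.5, "browser.exe", "192.0.2.10", 443),
    (130.0, "browser.exe", "192.0.2.10", 443),
    (131.0, "browser.exe", "192.0.2.10", 443),
    (200.0, "browser.exe", "192.0.2.10", 443),
    (260.0, "browser.exe", "192.0.2.10", 443),
    (105.0, "updater.exe", "192.0.2.20", 443),
    (108.0, "updater.exe", "192.0.2.20", 443),
]


def find_periodic_pollers(records, min_events=5, max_jitter=0.1):
    """Map (process, ip, port) -> mean interval for near-constant polling."""
    by_flow = defaultdict(list)
    for ts, proc, ip, port in records:
        by_flow[(proc, ip, port)].append(ts)

    hits = {}
    for flow, stamps in by_flow.items():
        if len(stamps) < min_events:
            continue  # too few connections to judge periodicity
        stamps.sort()
        gaps = [b - a for a, b in zip(stamps, stamps[1:])]
        avg = mean(gaps)
        if avg <= 0:
            continue
        # Coefficient of variation: low values mean timer-driven traffic,
        # high values mean bursty, user-driven traffic
        if pstdev(gaps) / avg <= max_jitter:
            hits[flow] = round(avg, 2)
    return hits


if __name__ == "__main__":
    for flow, interval in find_periodic_pollers(SAMPLE_LOG).items():
        print(flow, f"polls every ~{interval}s")
```

Correlating a hit with a process-exit event for the child (here `calc.exe`) shortly before the first poll narrows false positives, since polling only starts after the child process closes.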