core

package
v1.0.8-beta Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Oct 4, 2020 License: GPL-3.0 Imports: 11 Imported by: 17

Documentation

Index

Constants

This section is empty.

Variables

View Source
var (
	// Sessions - Manages implant connections
	Sessions = &sessions{
		sessions: &map[uint32]*Session{},
		mutex:    &sync.RWMutex{},
	}

	// ErrUnknownMessateType - Returned if the implant did not understand the message for
	//                         example when the command is not supported on the platform
	ErrUnknownMessateType = errors.New("Unknown message type")

	// ErrImplantTimeout - The implant did not respond prior to timeout deadline
	ErrImplantTimeout = errors.New("Implant timeout")
)
View Source
var (
	// Tunnels - Interating with duplex tunnels
	Tunnels = tunnels{
			// contains filtered or unexported fields
	}

	// ErrInvalidTunnelID - Invalid tunnel ID value
	ErrInvalidTunnelID = errors.New("Invalid tunnel ID")
)
View Source
var (
	// Clients - Manages client active
	Clients = &clients{
		active: &map[int]*Client{},
		mutex:  &sync.RWMutex{},
	}
)
View Source
var (
	// EventBroker - Distributes event messages
	EventBroker = newBroker()
)
View Source
var (
	// Jobs - Holds pointers to all the current jobs
	Jobs = &jobs{
		active: &map[int]*Job{},
		mutex:  &sync.RWMutex{},
	}
)

Functions

func EnvelopeID

func EnvelopeID() uint64

EnvelopeID - Generate random ID of randomIDSize bytes

func NewTunnelID

func NewTunnelID() uint64

NewTunnelID - New 64-bit identifier

func NextJobID

func NextJobID() int

NextJobID - Returns an incremental nonce as an id

func NextSessionID

func NextSessionID() uint32

NextSessionID - Returns an incremental nonce as an id

Types

type Client

type Client struct {
	ID       int
	Operator *clientpb.Operator
}

Client - Single client connection

func NewClient

func NewClient(operatorName string) *Client

NewClient - Create a new client object

func (*Client) ToProtobuf

func (c *Client) ToProtobuf() *clientpb.Client

ToProtobuf - Get the protobuf version of the object

type Event

type Event struct {
	Session *Session
	Job     *Job
	Client  *Client

	EventType string

	Data []byte
	Err  error
}

Event - An event is fired when there's a state change involving a

session, job, or client.

type Job

type Job struct {
	ID          int
	Name        string
	Description string
	Protocol    string
	Port        uint16
	Domains     []string
	JobCtrl     chan bool
}

Job - Manages background jobs

func (*Job) ToProtobuf

func (j *Job) ToProtobuf() *clientpb.Job

ToProtobuf - Get the protobuf version of the object

type Session

type Session struct {
	ID                uint32
	Name              string
	Hostname          string
	Username          string
	UID               string
	GID               string
	Os                string
	Version           string
	Arch              string
	Transport         string
	RemoteAddress     string
	PID               int32
	Filename          string
	LastCheckin       *time.Time
	Send              chan *sliverpb.Envelope
	Resp              map[uint64]chan *sliverpb.Envelope
	RespMutex         *sync.RWMutex
	ActiveC2          string
	IsDead            bool
	ReconnectInterval uint32
}

Session - Represents a connection to an implant

func (*Session) Request

func (s *Session) Request(msgType uint32, timeout time.Duration, data []byte) ([]byte, error)

Request - Sends a protobuf request to the active sliver and returns the response

func (*Session) ToProtobuf

func (s *Session) ToProtobuf() *clientpb.Session

ToProtobuf - Get the protobuf version of the object

type Tunnel

type Tunnel struct {
	ID          uint64
	SessionID   uint32
	ToImplant   chan []byte
	FromImplant chan []byte
	Client      rpcpb.SliverRPC_TunnelDataServer
}

Tunnel - Essentially just a mapping between a specific client and sliver with an identifier, these tunnels are full duplex. The server doesn't really care what data gets passed back and forth it just facilitates the connection

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL