Documentation
¶
Index ¶
- Variables
- func CloseCursedProcesses(sessionID string)
- func CloseCursedProcessesByBindPort(sessionID string, bindPort int)
- func GetTunnels() *tunnels
- func TunnelLoop(rpc rpcpb.SliverRPCClient) error
- type BOFArgsBuffer
- type ChannelProxy
- type CursedProcess
- type Portfwd
- type PortfwdMeta
- type Reaction
- type SocksProxy
- type SocksProxyMeta
- type TcpProxy
- type TunnelIO
Constants ¶
This section is empty.
Variables ¶
View Source
var ( // Reactions - Manages/tracks reactions Reactions = &reactions{ reactionMap: map[string][]Reaction{}, mutex: &sync.RWMutex{}, } // ReactableEvents - A list of reactionable events ReactableEvents = []string{ consts.SessionOpenedEvent, consts.SessionUpdateEvent, consts.SessionClosedEvent, consts.BeaconRegisteredEvent, consts.CanaryEvent, consts.WatchtowerEvent, consts.LootAddedEvent, consts.LootRemovedEvent, } )
View Source
var ( // SocksProxies - Struct instance that holds all the portfwds SocksProxies = socksProxy{ // contains filtered or unexported fields } SocksConnPool = sync.Map{} SocksProxyID = (uint64)(0) )
View Source
var ( // SessionID -> CursedProcess CursedProcesses = &sync.Map{} )
View Source
var ( // Portfwds - Struct instance that holds all the portfwds Portfwds = portfwds{ // contains filtered or unexported fields } )
Functions ¶
func CloseCursedProcesses ¶ added in v1.5.25
func CloseCursedProcesses(sessionID string)
func CloseCursedProcessesByBindPort ¶ added in v1.5.25
func GetTunnels ¶ added in v1.5.14
func GetTunnels() *tunnels
GetTunnels - singleton function that returns or initializes all tunnels
func TunnelLoop ¶
func TunnelLoop(rpc rpcpb.SliverRPCClient) error
TunnelLoop - Parses incoming tunnel messages and distributes them
to session/tunnel objects Expected to be called only once during initialization
Types ¶
type BOFArgsBuffer ¶ added in v1.5.0
func (*BOFArgsBuffer) AddData ¶ added in v1.5.0
func (b *BOFArgsBuffer) AddData(d []byte) error
func (*BOFArgsBuffer) AddInt ¶ added in v1.5.0
func (b *BOFArgsBuffer) AddInt(d uint32) error
func (*BOFArgsBuffer) AddShort ¶ added in v1.5.0
func (b *BOFArgsBuffer) AddShort(d uint16) error
func (*BOFArgsBuffer) AddString ¶ added in v1.5.0
func (b *BOFArgsBuffer) AddString(d string) error
func (*BOFArgsBuffer) AddWString ¶ added in v1.5.0
func (b *BOFArgsBuffer) AddWString(d string) error
func (*BOFArgsBuffer) GetBuffer ¶ added in v1.5.0
func (b *BOFArgsBuffer) GetBuffer() ([]byte, error)
type ChannelProxy ¶ added in v1.4.12
type ChannelProxy struct {
Rpc rpcpb.SliverRPCClient
Session *clientpb.Session
BindAddr string
RemoteAddr string
KeepAlivePeriod time.Duration
DialTimeout time.Duration
}
ChannelProxy binds the Sliver Tunnel to a net.Conn object one ChannelProxy per port bind.
Implements the Target interface from tcpproxy pkg
func (*ChannelProxy) HandleConn ¶ added in v1.4.12
func (p *ChannelProxy) HandleConn(conn net.Conn)
HandleConn - Handle a TCP connection
func (*ChannelProxy) Host ¶ added in v1.4.12
func (p *ChannelProxy) Host() string
Host - Returns the host (i.e., interface) of the TCP proxy
func (*ChannelProxy) HostPort ¶ added in v1.4.12
func (p *ChannelProxy) HostPort() (string, uint32)
HostPort - Returns the host and port of the TCP proxy
func (*ChannelProxy) Port ¶ added in v1.4.12
func (p *ChannelProxy) Port() uint32
Port - Returns the TCP port of the proxy
type CursedProcess ¶ added in v1.5.25
type CursedProcess struct {
SessionID string
PID uint32
BindTCPPort int
PortFwd *Portfwd
Platform string
ExePath string
ChromeUserDataDir string
}
func CursedProcessBySessionID ¶ added in v1.5.25
func CursedProcessBySessionID(sessionID string) []*CursedProcess
func (*CursedProcess) DebugURL ¶ added in v1.5.25
func (c *CursedProcess) DebugURL() *url.URL
type Portfwd ¶ added in v1.4.12
type Portfwd struct {
ID int
TCPProxy *tcpproxy.Proxy
ChannelProxy *ChannelProxy
}
Portfwd - Tracks portfwd<->tcpproxy
func (*Portfwd) GetMetadata ¶ added in v1.4.12
func (p *Portfwd) GetMetadata() *PortfwdMeta
GetMetadata - Get metadata about the portfwd
type PortfwdMeta ¶ added in v1.4.12
PortfwdMeta - Metadata about a portfwd listener
type Reaction ¶ added in v1.4.19
type Reaction struct {
ID int `json:"-"`
EventType string `json:"event_type"`
Commands []string `json:"commands"`
}
Reaction - Metadata about a portfwd listener
type SocksProxy ¶ added in v1.5.0
SocksProxy - Tracks portfwd<->tcpproxy
func (*SocksProxy) GetMetadata ¶ added in v1.5.0
func (p *SocksProxy) GetMetadata() *SocksProxyMeta
GetMetadata - Get metadata about the portfwd
type SocksProxyMeta ¶ added in v1.5.0
type SocksProxyMeta struct {
ID uint64
SessionID string
BindAddr string
Username string
Password string
}
PortfwdMeta - Metadata about a portfwd listener
type TcpProxy ¶ added in v1.5.0
type TunnelIO ¶ added in v1.5.14
type TunnelIO struct {
ID uint64
SessionID string
Send chan []byte
Recv chan []byte
// contains filtered or unexported fields
}
TunnelIO - Duplex data tunnel, compatible with both io.ReadWriter
func NewTunnelIO ¶ added in v1.5.14
NewTunnelIO - Single entry point for creating instance of new TunnelIO
Source Files
Click to show internal directories.
Click to hide internal directories.