beaconscan

package
v1.0.14 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Dec 26, 2022 License: MIT Imports: 16 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source
var SUPPORTED_VERSIONS = []int{3, 4}
View Source
var Savedata_buf []byte
View Source
var TYPE_INT = 2
View Source
var TYPE_SHORT = 1
View Source
var TYPE_STR = 3

Functions

func BeaconInitThread

func BeaconInitThread(wg *sync.WaitGroup, num *int, mutex *sync.Mutex, ChanUrlList chan string, filename string, t int, IsSave bool)

func BytesToInt

func BytesToInt(bys []byte) int

func Checksum8

func Checksum8() string

func Checksum8_X64

func Checksum8_X64() string

func CreateDir added in v1.0.12

func CreateDir(path string) (int, error)

创建文件夹

func DefaultpackedSetting_init_type

func DefaultpackedSetting_init_type(p *packedSetting_init_type) *packedSetting_init_type

func HasDir added in v1.0.12

func HasDir(path string) (bool, error)

判断文件夹是否存在

func InetNtoA

func InetNtoA(ip []byte) string

func IntToBytes

func IntToBytes(n int, b int) []byte

转换函数

func IsContain

func IsContain(items []int, item int) bool

func JsonFileWrite

func JsonFileWrite(filename string, bodyText string)

func MapToJson

func MapToJson(param map[string]string) string

func StructToJson

func StructToJson(s interface{}) string

func Writebase64Blob added in v1.0.12

func Writebase64Blob(base64Blob bool) packedSetting_init_typeOptions

func WriteboolFalseValue

func WriteboolFalseValue(boolFalseValue int) packedSetting_init_typeOptions

func Writedatatype

func Writedatatype(datatype int) packedSetting_init_typeOptions

func Writeenum

func Writeenum(enum map[byte]string) packedSetting_init_typeOptions

func WritehashBlob

func WritehashBlob(hashBlob bool) packedSetting_init_typeOptions

func WriteisBlob

func WriteisBlob(isBlob bool) packedSetting_init_typeOptions

func WriteisBool

func WriteisBool(isBool bool) packedSetting_init_typeOptions

func WriteisDate

func WriteisDate(isDate bool) packedSetting_init_typeOptions

func WriteisHeaders

func WriteisHeaders(isHeaders bool) packedSetting_init_typeOptions

func WriteisIpAddress

func WriteisIpAddress(isIpAddress bool) packedSetting_init_typeOptions

func WriteisMalleableStream

func WriteisMalleableStream(isMalleableStream bool) packedSetting_init_typeOptions

func WriteisProcInjectTransform

func WriteisProcInjectTransform(isProcInjectTransform bool) packedSetting_init_typeOptions

func Writelength

func Writelength(length int) packedSetting_init_typeOptions

func Writemask

func Writemask(mask map[byte]string) packedSetting_init_typeOptions

func Writepos

func Writepos(pos int) packedSetting_init_typeOptions

Types

type BeaconConfig

type BeaconConfig struct {
	BeaconType                string `json:"beacon_type"`
	Port                      string `json:"port"`
	CobaltStrikeVersion       int    `json:"cobaltstrikeversion"`
	SleepTime                 string `json:"sleep_time"`
	MaxGetSize                string `json:"max_get_size"`
	Jitter                    string `json:"jitter"`
	MaxDNS                    string `json:"max_dns"`
	PublicKey_Base64          string `json:"public_key_Base64"`
	PublicKey_MD5             string `json:"public_key_md5"`
	C2Server                  string `json:"c2server"`
	UserAgent                 string `json:"useragent"`
	HttpPostUri               string `json:"http_post_uri"`
	Malleable_C2_Instructions string `json:"malleable_c2_instructions"`
	HttpGet_Metadata          string `json:"httpget_metadata"`
	HttpPost_Metadata         string `json:"httppost_metadata"`
	PipeName                  string `json:"pipename"`
	DNS_Idle                  string `json:"dns_idle"`
	DNS_Sleep                 string `json:"dns_sleep"`
	SSH_Host                  string `json:"ssh_host"`
	SSH_Port                  string `json:"ssh_port"`
	SSH_Username              string `json:"ssh_username"`
	SSH_Password_Plaintext    string `json:"ssh_password_plaintext"`
	SSH_Password_Pubkey       string `json:"ssh_password_pubkey"`
	SSH_Banner                string `json:"ssh_banner"`
	HttpGet_Verb              string `json:"httpget_verb"`
	HttpPost_Verb             string `json:"httppost_verb"`
	HttpPostChunk             string `json:"httppost_chunk"`
	Spawnto_x86               string `json:"spawnto_x86"`
	Spawnto_x64               string `json:"spawnto_x64"`
	CryptoScheme              string `json:"crypto_scheme"`
	Proxy_Config              string `json:"proxy_config"`
	Proxy_User                string `json:"proxy_user"`
	Proxy_Password            string `json:"proxy_password"`
	Proxy_Behavior            string `json:"proxy_behavior"`
	Watermark_Hash            string `json:"watermark_hash"`
	Watermark                 string `json:"watermark"`

	KillDate string `json:"killdate"`

	ProcInject_PrependAppend_x86 string `json:"procinject_prependappend_x86"`
	ProcInject_PrependAppend_x64 string `json:"procinject_prependappend_x64"`
	ProcInject_Execute           string `json:"procinject_execute"`
	ProcInject_AllocationMethod  string `json:"procinject_allocationmethod"`

	HostHeader string `json:"hostheader"`

	DNS_Beaconing               string `json:"dns_beaconing"`
	DNS_get_TypeA               string `json:"dns_get_typea"`
	DNS_get_TypeAAAA            string `json:"dns_get_typeaaaa"`
	DNS_get_TypeTXT             string `json:"dns_get_typetxt"`
	DNS_put_metadata            string `json:"dns_put_metadata"`
	DNS_put_output              string `json:"dns_put_output"`
	DNS_resolver                string `json:"dns_resolver"`
	DNS_strategy                string `json:"dns_strategy"`
	DNS_strategy_rotate_seconds string `json:"dns_strategy_rotate_seconds"`
	DNS_strategy_fail_x         string `json:"dns_strategy_fail_x"`
	DNS_strategy_fail_seconds   string `json:"dns_strategy_fail_seconds"`
	Retry_Max_Attempts          string `json:"retry_max_attempts"`
	Retry_Increase_Attempts     string `json:"retry_increase_attempts"`
	Retry_Duration              string `json:"retry_duration"`
	// contains filtered or unexported fields
}

func BeaconSettings

func BeaconSettings(full_config_data []byte) BeaconConfig

func Beacon_config

func Beacon_config(buf []byte) BeaconConfig

type BodyMap

type BodyMap struct {
	URL            string       `json:"url,omitempty"`
	IsCobaltStrike bool         `json:"is_cobaltstrike,omitempty"`
	TrialVersion   bool         `json:"trial_version,omitempty"`
	Confidence     int          `json:"confidence,omitempty"`
	ConfidenceInfo string       `json:"confidence_info,omitempty"`
	Error          string       `json:"error,omitempty"`
	BeaconFileBin  string       `json:"beaconfile_bin,omitempty"`
	Beaconconfig   BeaconConfig `json:"beaconconfig"`
}

func Beaconinit

func Beaconinit(host string, filename string, t int, IsSave bool) (BodyMap, error)

Beaconinit 开始扫描 host: 目标地址 filename: 输出文件 t: 超时时间

func Write_decrypted_data added in v1.0.12

func Write_decrypted_data(bodyMap BodyMap, host string) BodyMap

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL