README
¶
Helpers
Just some helper functions which are used by multiple components of the framework.
Documentation
¶
Index ¶
- Constants
- func CheckFile(filePath string) bool
- func ClientBanner()
- func ExitOnError(errorMessage string)
- func FilterInput(r rune) (rune, bool)
- func GetExportOffset(filepath string, exportName string) (funcOffset uint32, err error)
- func GetImplantIndexFromSlice(implantUUID uuid.UUID, implantSlice []*messages.Implant) int
- func ImplantInImplantsSlice(implantID uuid.UUID, implants []*messages.Implant) bool
- func ImplantsHelpMenu()
- func ListenersHelpMenu()
- func MainHelpMenu()
- func NicePrinting(messageType string, message string)
- func PrintTime() string
- func ServerBanner()
- type BOOL
- type BYTE
- type DWORD
- type ExportDirectory
- type IMAGE_BASE_RELOCATION
- type IMAGE_DATA_DIRECTORY
- type IMAGE_DOS_HEADER
- type IMAGE_EXPORT_DIRECTORY
- type IMAGE_FILE_HEADER
- type IMAGE_IMPORT_BY_NAME
- type IMAGE_IMPORT_DESCRIPTOR
- type IMAGE_NT_HEADERS
- type IMAGE_NT_HEADERS64
- type IMAGE_OPTIONAL_HEADER
- type IMAGE_OPTIONAL_HEADER64
- type IMAGE_SECTION_HEADER
- type LONG
- type ULONGLONG
- type WORD
Constants ¶
View Source
const ( IMAGE_NUMBEROF_DIRECTORY_ENTRIES = 16 IMAGE_FILE_MACHINE_I386 = 0x014c IMAGE_FILE_MACHINE_AMD64 = 0x8664 DLL_PROCESS_ATTACH = 1 DLL_THREAD_ATTACH = 2 DLL_THREAD_DETACH = 3 DLL_PROCESS_DETACH = 0 IMAGE_DIRECTORY_ENTRY_EXPORT = 0 // Export Directory IMAGE_DIRECTORY_ENTRY_IMPORT = 1 // Import Directory IMAGE_DIRECTORY_ENTRY_RESOURCE = 2 // Resource Directory IMAGE_DIRECTORY_ENTRY_EXCEPTION = 3 // Exception Directory IMAGE_DIRECTORY_ENTRY_SECURITY = 4 // Security Directory IMAGE_DIRECTORY_ENTRY_BASERELOC = 5 // Base Relocation Table IMAGE_DIRECTORY_ENTRY_DEBUG = 6 // Debug Directory IMAGE_DIRECTORY_ENTRY_ARCHITECTURE = 7 // Architecture Specific Data IMAGE_DIRECTORY_ENTRY_GLOBALPTR = 8 // RVA of GP IMAGE_DIRECTORY_ENTRY_TLS = 9 // TLS Directory IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG = 10 // Load Configuration Directory IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT = 11 // Bound Import Directory in headers IMAGE_DIRECTORY_ENTRY_IAT = 12 // Import Address Table IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT = 13 // Delay Load Import Descriptors IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR = 14 // COM Runtime descriptor IMAGE_REL_BASED_HIGHLOW = 3 IMAGE_REL_BASED_DIR64 = 10 IMAGE_ORDINAL_FLAG64 = 0x8000000000000000 IMAGE_ORDINAL_FLAG32 = 0x80000000 )
View Source
const (
IMAGE_SIZEOF_SHORT_NAME = 8
)
Variables ¶
This section is empty.
Functions ¶
func ExitOnError ¶
func ExitOnError(errorMessage string)
This function is called when there is an error which leads to the application closing
func FilterInput ¶
From https://github.com/chzyer/readline/blob/master/example/readline-demo/readline-demo.go
func GetExportOffset ¶
Function used by the client to get the offset of the CLR's exported function (ReflectiveLoader)
func GetImplantIndexFromSlice ¶
Function to get index of implant from a slice
func ImplantInImplantsSlice ¶
This function checks if an implant is inside an implant slice by UUID
func NicePrinting ¶
Helper function to print nicely
Types ¶
type ExportDirectory ¶
type ExportDirectory struct {
Characteristics uint32
TimeDateStamp uint32
MajorVersion uint16
MinorVersion uint16
Name uint32
Base uint32
NumberOfFunctions uint32
NumberOfNames uint32
AddressOfFunctions uint32 // RVA from base of image
AddressOfNames uint32 // RVA from base of image
AddressOfNameOrdinals uint32 // RVA from base of image
}
ExportDirectory - stores the Export data
type IMAGE_BASE_RELOCATION ¶
type IMAGE_DATA_DIRECTORY ¶
type IMAGE_DATA_DIRECTORY _IMAGE_DATA_DIRECTORY
type IMAGE_DOS_HEADER ¶
type IMAGE_DOS_HEADER _IMAGE_DOS_HEADER
type IMAGE_EXPORT_DIRECTORY ¶
type IMAGE_EXPORT_DIRECTORY struct {
Characteristics DWORD
TimeDateStamp DWORD
MajorVersionv WORD
MinorVersion WORD
Name DWORD
Base DWORD
NumberOfFunctions DWORD
NumberOfNames DWORD
AddressOfFunctions DWORD // RVA from base of image
AddressOfNames DWORD // RVA from base of image
AddressOfNameOrdinals DWORD // RVA from base of image
}
type IMAGE_FILE_HEADER ¶
type IMAGE_FILE_HEADER _IMAGE_FILE_HEADER
type IMAGE_IMPORT_BY_NAME ¶
type IMAGE_IMPORT_DESCRIPTOR ¶
type IMAGE_IMPORT_DESCRIPTOR struct {
/*
union {
DWORD Characteristics; // 0 for terminating null import descriptor
DWORD OriginalFirstThunk; // RVA to original unbound IAT (PIMAGE_THUNK_DATA)
} DUMMYUNIONNAME;
DWORD TimeDateStamp; // 0 if not bound,
// -1 if bound, and real date\time stamp
// in IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT (new BIND)
// O.W. date/time stamp of DLL bound to (Old BIND)
DWORD ForwarderChain; // -1 if no forwarders
DWORD Name;
DWORD FirstThunk; // RVA to IAT (if bound this IAT has actual addresses)
*/
OriginalFirstThunk DWORD
TimeDateStamp DWORD
ForwarderChain DWORD
Name DWORD
FirstThunk DWORD
}
type IMAGE_NT_HEADERS ¶
type IMAGE_NT_HEADERS IMAGE_NT_HEADERS64
type IMAGE_NT_HEADERS64 ¶
type IMAGE_NT_HEADERS64 _IMAGE_NT_HEADERS64
type IMAGE_OPTIONAL_HEADER ¶
type IMAGE_OPTIONAL_HEADER IMAGE_OPTIONAL_HEADER64
type IMAGE_OPTIONAL_HEADER64 ¶
type IMAGE_OPTIONAL_HEADER64 _IMAGE_OPTIONAL_HEADER64
type IMAGE_SECTION_HEADER ¶
type IMAGE_SECTION_HEADER _IMAGE_SECTION_HEADER
Source Files
Click to show internal directories.
Click to hide internal directories.