core

package
v1.0.4 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jul 15, 2024 License: GPL-3.0 Imports: 21 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source
var (
	// Reactions - Manages/tracks reactions
	Reactions = &reactions{
		reactionMap: map[string][]Reaction{},
		mutex:       &sync.RWMutex{},
	}

	// ReactableEvents - A list of reactionable events
	ReactableEvents = []string{
		consts.SessionOpenedEvent,
		consts.SessionUpdateEvent,
		consts.SessionClosedEvent,
		consts.BeaconRegisteredEvent,
		consts.CanaryEvent,
		consts.WatchtowerEvent,
		consts.LootAddedEvent,
		consts.LootRemovedEvent,
	}
)
View Source
var (
	// SocksProxies - Struct instance that holds all the portfwds
	SocksProxies = socksProxy{
					// contains filtered or unexported fields
	}
	SocksConnPool = sync.Map{}
	SocksProxyID  = (uint64)(0)
)
View Source
var (
	// SessionID -> CursedProcess
	CursedProcesses = &sync.Map{}
)
View Source
var (
	// Portfwds - Struct instance that holds all the portfwds
	Portfwds = portfwds{
		// contains filtered or unexported fields
	}
)

Functions

func CloseCursedProcesses

func CloseCursedProcesses(sessionID string)

func CloseCursedProcessesByBindPort

func CloseCursedProcessesByBindPort(sessionID string, bindPort int)

func GetTunnels

func GetTunnels() *tunnels

GetTunnels - singleton function that returns or initializes all tunnels

func TunnelLoop

func TunnelLoop(rpc rpcpb.SliverRPCClient) error

TunnelLoop - Parses incoming tunnel messages and distributes them

             to session/tunnel objects
				Expected to be called only once during initialization

Types

type BOFArgsBuffer

type BOFArgsBuffer struct {
	Buffer *bytes.Buffer
}

func (*BOFArgsBuffer) AddData

func (b *BOFArgsBuffer) AddData(d []byte) error

func (*BOFArgsBuffer) AddInt

func (b *BOFArgsBuffer) AddInt(d uint32) error

func (*BOFArgsBuffer) AddShort

func (b *BOFArgsBuffer) AddShort(d uint16) error

func (*BOFArgsBuffer) AddString

func (b *BOFArgsBuffer) AddString(d string) error

func (*BOFArgsBuffer) AddWString

func (b *BOFArgsBuffer) AddWString(d string) error

func (*BOFArgsBuffer) GetBuffer

func (b *BOFArgsBuffer) GetBuffer() ([]byte, error)

type ChannelProxy

type ChannelProxy struct {
	Rpc     rpcpb.SliverRPCClient
	Session *clientpb.Session

	BindAddr        string
	RemoteAddr      string
	KeepAlivePeriod time.Duration
	DialTimeout     time.Duration
}

ChannelProxy binds the Sliver Tunnel to a net.Conn object one ChannelProxy per port bind.

Implements the Target interface from tcpproxy pkg

func (*ChannelProxy) HandleConn

func (p *ChannelProxy) HandleConn(conn net.Conn)

HandleConn - Handle a TCP connection

func (*ChannelProxy) Host

func (p *ChannelProxy) Host() string

Host - Returns the host (i.e., interface) of the TCP proxy

func (*ChannelProxy) HostPort

func (p *ChannelProxy) HostPort() (string, uint32)

HostPort - Returns the host and port of the TCP proxy

func (*ChannelProxy) Port

func (p *ChannelProxy) Port() uint32

Port - Returns the TCP port of the proxy

type CursedProcess

type CursedProcess struct {
	SessionID         string
	PID               uint32
	BindTCPPort       int
	PortFwd           *Portfwd
	Platform          string
	ExePath           string
	ChromeUserDataDir string
}

func CursedProcessBySessionID

func CursedProcessBySessionID(sessionID string) []*CursedProcess

func (*CursedProcess) DebugURL

func (c *CursedProcess) DebugURL() *url.URL

type Portfwd

type Portfwd struct {
	ID           int
	TCPProxy     *tcpproxy.Proxy
	ChannelProxy *ChannelProxy
}

Portfwd - Tracks portfwd<->tcpproxy

func (*Portfwd) GetMetadata

func (p *Portfwd) GetMetadata() *PortfwdMeta

GetMetadata - Get metadata about the portfwd

type PortfwdMeta

type PortfwdMeta struct {
	ID         int
	SessionID  string
	BindAddr   string
	RemoteAddr string
}

PortfwdMeta - Metadata about a portfwd listener

type Reaction

type Reaction struct {
	ID        int      `json:"-"`
	EventType string   `json:"event_type"`
	Commands  []string `json:"commands"`
}

Reaction - Metadata about a portfwd listener

type SocksProxy

type SocksProxy struct {
	ID           uint64
	ChannelProxy *TcpProxy
}

SocksProxy - Tracks portfwd<->tcpproxy

func (*SocksProxy) GetMetadata

func (p *SocksProxy) GetMetadata() *SocksProxyMeta

GetMetadata - Get metadata about the portfwd

type SocksProxyMeta

type SocksProxyMeta struct {
	ID        uint64
	SessionID string
	BindAddr  string
	Username  string
	Password  string
}

PortfwdMeta - Metadata about a portfwd listener

type TcpProxy

type TcpProxy struct {
	Rpc     rpcpb.SliverRPCClient
	Session *clientpb.Session

	Username        string
	Password        string
	BindAddr        string
	Listener        net.Listener
	KeepAlivePeriod time.Duration
	DialTimeout     time.Duration
}

func (*TcpProxy) Stop

func (tcp *TcpProxy) Stop() error

type TunnelIO

type TunnelIO struct {
	ID        uint64
	SessionID string

	Send chan []byte
	Recv chan []byte
	// contains filtered or unexported fields
}

TunnelIO - Duplex data tunnel, compatible with both io.ReadWriter

func NewTunnelIO

func NewTunnelIO(tunnelID uint64, sessionID string) *TunnelIO

NewTunnelIO - Single entry point for creating instance of new TunnelIO

func (*TunnelIO) Close

func (tun *TunnelIO) Close() error

Close - Close tunnel IO operations

func (*TunnelIO) IsOpen

func (tun *TunnelIO) IsOpen() bool

func (*TunnelIO) Open

func (tun *TunnelIO) Open() error

func (*TunnelIO) Read

func (tun *TunnelIO) Read(data []byte) (int, error)

Read - Reader method for interface

func (*TunnelIO) RecvData

func (tun *TunnelIO) RecvData(data []byte) error

RecvData - safe way to send data to internal Recv channel. Blocking.

func (*TunnelIO) Write

func (tun *TunnelIO) Write(data []byte) (int, error)

Write - Writer method for interface

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL