Documentation ¶
Index ¶
- Variables
- func CloseCursedProcesses(sessionID string)
- func CloseCursedProcessesByBindPort(sessionID string, bindPort int)
- func GetTunnels() *tunnels
- func TunnelLoop(rpc rpcpb.SliverRPCClient) error
- type BOFArgsBuffer
- type ChannelProxy
- type CursedProcess
- type Portfwd
- type PortfwdMeta
- type Reaction
- type SocksProxy
- type SocksProxyMeta
- type TcpProxy
- type TunnelIO
Constants ¶
This section is empty.
Variables ¶
var ( // Reactions - Manages/tracks reactions Reactions = &reactions{ reactionMap: map[string][]Reaction{}, mutex: &sync.RWMutex{}, } // ReactableEvents - A list of reactionable events ReactableEvents = []string{ consts.SessionOpenedEvent, consts.SessionUpdateEvent, consts.SessionClosedEvent, consts.BeaconRegisteredEvent, consts.CanaryEvent, consts.WatchtowerEvent, consts.LootAddedEvent, consts.LootRemovedEvent, } )
var ( // SocksProxies - Struct instance that holds all the portfwds SocksProxies = socksProxy{ // contains filtered or unexported fields } SocksConnPool = sync.Map{} SocksProxyID = (uint64)(0) )
var ( // SessionID -> CursedProcess CursedProcesses = &sync.Map{} )
var ( // Portfwds - Struct instance that holds all the portfwds Portfwds = portfwds{ // contains filtered or unexported fields } )
Functions ¶
func CloseCursedProcesses ¶
func CloseCursedProcesses(sessionID string)
func GetTunnels ¶
func GetTunnels() *tunnels
GetTunnels - singleton function that returns or initializes all tunnels
func TunnelLoop ¶
func TunnelLoop(rpc rpcpb.SliverRPCClient) error
TunnelLoop - Parses incoming tunnel messages and distributes them
to session/tunnel objects Expected to be called only once during initialization
Types ¶
type BOFArgsBuffer ¶
func (*BOFArgsBuffer) AddData ¶
func (b *BOFArgsBuffer) AddData(d []byte) error
func (*BOFArgsBuffer) AddInt ¶
func (b *BOFArgsBuffer) AddInt(d uint32) error
func (*BOFArgsBuffer) AddShort ¶
func (b *BOFArgsBuffer) AddShort(d uint16) error
func (*BOFArgsBuffer) AddString ¶
func (b *BOFArgsBuffer) AddString(d string) error
func (*BOFArgsBuffer) AddWString ¶
func (b *BOFArgsBuffer) AddWString(d string) error
func (*BOFArgsBuffer) GetBuffer ¶
func (b *BOFArgsBuffer) GetBuffer() ([]byte, error)
type ChannelProxy ¶
type ChannelProxy struct { Rpc rpcpb.SliverRPCClient Session *clientpb.Session BindAddr string RemoteAddr string KeepAlivePeriod time.Duration DialTimeout time.Duration }
ChannelProxy binds the Sliver Tunnel to a net.Conn object one ChannelProxy per port bind.
Implements the Target interface from tcpproxy pkg
func (*ChannelProxy) HandleConn ¶
func (p *ChannelProxy) HandleConn(conn net.Conn)
HandleConn - Handle a TCP connection
func (*ChannelProxy) Host ¶
func (p *ChannelProxy) Host() string
Host - Returns the host (i.e., interface) of the TCP proxy
func (*ChannelProxy) HostPort ¶
func (p *ChannelProxy) HostPort() (string, uint32)
HostPort - Returns the host and port of the TCP proxy
func (*ChannelProxy) Port ¶
func (p *ChannelProxy) Port() uint32
Port - Returns the TCP port of the proxy
type CursedProcess ¶
type CursedProcess struct { SessionID string PID uint32 BindTCPPort int PortFwd *Portfwd Platform string ExePath string ChromeUserDataDir string }
func CursedProcessBySessionID ¶
func CursedProcessBySessionID(sessionID string) []*CursedProcess
func (*CursedProcess) DebugURL ¶
func (c *CursedProcess) DebugURL() *url.URL
type Portfwd ¶
type Portfwd struct { ID int TCPProxy *tcpproxy.Proxy ChannelProxy *ChannelProxy }
Portfwd - Tracks portfwd<->tcpproxy
func (*Portfwd) GetMetadata ¶
func (p *Portfwd) GetMetadata() *PortfwdMeta
GetMetadata - Get metadata about the portfwd
type PortfwdMeta ¶
PortfwdMeta - Metadata about a portfwd listener
type Reaction ¶
type Reaction struct { ID int `json:"-"` EventType string `json:"event_type"` Commands []string `json:"commands"` }
Reaction - Metadata about a portfwd listener
type SocksProxy ¶
SocksProxy - Tracks portfwd<->tcpproxy
func (*SocksProxy) GetMetadata ¶
func (p *SocksProxy) GetMetadata() *SocksProxyMeta
GetMetadata - Get metadata about the portfwd
type SocksProxyMeta ¶
type SocksProxyMeta struct { ID uint64 SessionID string BindAddr string Username string Password string }
PortfwdMeta - Metadata about a portfwd listener
type TcpProxy ¶
type TunnelIO ¶
type TunnelIO struct { ID uint64 SessionID string Send chan []byte Recv chan []byte // contains filtered or unexported fields }
TunnelIO - Duplex data tunnel, compatible with both io.ReadWriter
func NewTunnelIO ¶
NewTunnelIO - Single entry point for creating instance of new TunnelIO