c2

package
v0.2.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Mar 2, 2022 License: GPL-3.0 Imports: 29 Imported by: 4

Documentation

Overview

Package c2 is the primary Command & Control (C2) endpoint for creating and managing a C2 Session or spinning up a C2 service.

Index

Constants

View Source
const (
	StatusWaiting  status = 0
	StatusAccepted status = iota
	StatusReceiving
	StatusCompleted
	StatusError
)

These are status values that indicate the general status of the Job.

View Source
const (
	// DefaultSleep is the default sleep Time when the provided sleep value is
	// empty or negative.
	DefaultSleep = time.Duration(60) * time.Second

	// DefaultJitter is the default Jitter value when the provided jitter value
	// is negative.
	DefaultJitter uint8 = 10
)
View Source
const (

	// RvResult is the generic value for indiciating a result value. Packets
	// that have this as their ID value will be forwarded to the authoritative
	// Mux and will be discarded if it does not match an active Job ID.
	RvResult uint8 = 0x14
	// RvMigrate is the ID value returned when a Session Migration has completed.
	// This Packet usually carries the new Device struct data.
	RvMigrate uint8 = 0x13
)
View Source
const (
	SvHello    uint8 = 0x02
	SvRegister uint8 = 0x03 // Considered a MvDrop.
	SvComplete uint8 = 0x04
	SvShutdown uint8 = 0x05
	SvDrop     uint8 = 0x06
)

ID entries that start with 'Sv*' will be handed directly by the underlying Session instead of being forwared to the authoritative Mux.

These Packet ID values are used for network congestion and flow control and should not be used in standard Packet entries.

Variables

View Source
var (
	// ErrNoHost is a error returned by the Connect and Listen functions when
	// the provided Profile does not provide a host string.
	ErrNoHost = xerr.Sub("empty or nil Host", 0x9)
	// ErrNoConn is an error returned by the Load* functions when an attempt to
	// discover the parent host failed due to a timeout.
	ErrNoConn = xerr.Sub("other side did not come up", 0x8)
	// ErrInvalidProfile is an error returned by c2 functions when the Profile
	// given is nil.
	ErrInvalidProfile = xerr.Sub("empty or nil Profile", 0x9)
)
View Source
var (
	// ErrMalformedPacket is an error returned by various Packet reading
	// functions when a Packet is attempted to be passed that is nil or invalid.
	//
	// Invalid Packets are packets that do not have a proper ID value or contain
	// an empty device ID.
	ErrMalformedPacket = xerr.Sub("empty or nil Packet", 0x9)
	// ErrInvalidPacketCount is returned when attempting to read a packet marked
	// as multi or frag an the total count returned is zero.
	ErrInvalidPacketCount = xerr.Sub("frag/multi total is zero on a frag/multi packet", 0xE)
)
View Source
var (
	// ProfileParser is a package level constant to be used when performing
	// Migrations. This function will take the resulting byte array and Marshal
	// it into a working c2 Profile interface.
	//
	// This function starts out as empty and will return an error.
	//
	// In order to use this properly, import the "cfg" package using a blank
	// import (if not already in use) as it will set this value on load.
	ProfileParser func([]byte) (Profile, error) = func(b []byte) (Profile, error) {
		return nil, xerr.Sub("no Profile parser loaded", 0x8)
	}

	// ErrNotAListener is an error that can be returned by a call to a Profile's
	// 'Listen' function when that operation is disabled.
	ErrNotAListener = xerr.Sub("not a listener", 0x8)
	// ErrNotAConnector is an error that can be returned by a call to a
	// Profile's 'Connect' function when that operation is disabled.
	ErrNotAConnector = xerr.Sub("not a connector", 0x8)
)
View Source
var (
	// ErrNoTask is returned from some functions that return Jobs. This will
	// be returned when the Job object will be nil due to the fact the function
	// was called on the client-side instead of the server-side.
	//
	// This is more of an informational message than an error, as this does NOT
	// indicate that the function failed, but that the Job object should NOT be
	// used as it is nil. (In case the Job object is not checked.)
	ErrNoTask = xerr.Sub("no Job created for client Session", 0x5)
	// ErrFullBuffer is returned from the WritePacket function when the send buffer
	// for the Session is full.
	//
	// This error also indicates that a call to 'Send' would block.
	ErrFullBuffer = xerr.Sub("buffer is full", 0x7)
)
View Source
var DefaultClientMux = MuxFunc(defaultClientMux)

DefaultClientMux is the default Session Mux instance that handles the default C2 server and client functions.

This operates cleanly with the default Server Mux instance.

View Source
var (
	// ErrTooManyPackets is an error returned by many of the Packet writing
	// functions when attempts to combine Packets would create a Packet grouping
	// size larger than the maximum size (65535 or 0xFFFF).
	ErrTooManyPackets = xerr.Sub("frag/multi count is larger than 0xFFFF", 0xE)
)

Functions

func Shoot added in v0.1.0

func Shoot(p Profile, n *com.Packet) error

Shoot sends the packet with the specified data to the server and does NOT register the device with the Server.

This is used for spending specific data segments in single use connections.

func ShootContext added in v0.2.0

func ShootContext(x context.Context, p Profile, n *com.Packet) error

ShootContext sends the packet with the specified data to the server and does NOT register the device with the Server.

This is used for spending specific data segments in single use connections.

This function version allows for setting the Context used.

Types

type Accepter added in v0.1.0

type Accepter interface {
	Listen(context.Context, string) (net.Listener, error)
}

Accepter is an interface that can be used to create listening sockets.

This interface defines a single function that returns a listener based on an accept address string.

The supplied Context can be used to close the listening socket.

type Connector added in v0.1.0

type Connector interface {
	Connect(context.Context, string) (net.Conn, error)
}

Connector is an interface that can be used to connect to listening sockets.

This interface defines a single function that returns a Connected socket based on the connection string.

The supplied Context can be used to close the connecting socket or interrupt blocking connections.

type Job

type Job struct {
	Start, Complete time.Time

	Result  *com.Packet
	Session *Session

	Update func(*Job)

	Error              string
	ID, Frags, Current uint16

	Type   uint8
	Status status
	// contains filtered or unexported fields
}

Job is a struct that is used to track and manage Tasks given to Session Clients.

This struct has function callbacks that can be used to watch for completion and offers a Wait function to pause execution until a response is received.

func (*Job) IsDone

func (j *Job) IsDone() bool

IsDone returns true when the Job has received a response.

func (*Job) IsError

func (j *Job) IsError() bool

IsError returns true when the Job has received a response, but the response is an error.

func (*Job) JSON added in v0.0.6

func (j *Job) JSON(w io.Writer) error

JSON returns the data of this Job as a JSON blob.

func (*Job) MarshalJSON added in v0.0.6

func (j *Job) MarshalJSON() ([]byte, error)

MarshalJSON fulfils the JSON Marshaler interface.

func (*Job) Wait

func (j *Job) Wait()

Wait will block until the Job is completed or the parent Server is shutdown.

type Listener

type Listener struct {
	// contains filtered or unexported fields
}

Listener is a struct that is passed back when a C2 Listener is added to the Server.

The Listener struct allows for controlling the Listener and setting callback functions to be used when a client connects, registers or disconnects.

func (*Listener) Address added in v0.0.6

func (l *Listener) Address() string

Address returns the string representation of the address the Listener is bound to.

func (*Listener) Close

func (l *Listener) Close() error

Close stops the operation of the Listener and any Sessions that may be connected.

Resources used with this Listener will be freed up for reuse. This function blocks until the listener socket is closed.

func (*Listener) Done added in v0.2.0

func (l *Listener) Done() <-chan struct{}

Done returns a channel that's closed when this Listener is closed.

This can be used to monitor a Listener's status using a select statement.

func (*Listener) IsActive

func (l *Listener) IsActive() bool

IsActive returns true if the Listener is still able to send and receive Packets.

func (*Listener) JSON added in v0.0.6

func (l *Listener) JSON(w io.Writer) error

JSON returns the data of this Listener as a JSON blob.

func (*Listener) MarshalJSON

func (l *Listener) MarshalJSON() ([]byte, error)

MarshalJSON fulfils the JSON Marshaler interface.

func (*Listener) Remove

func (l *Listener) Remove(i device.ID)

Remove removes and closes the Session and releases all it's associated resources.

This does not close the Session on the client's end, use the Shutdown function to properly shutdown the client process.

func (*Listener) Shutdown

func (l *Listener) Shutdown(i device.ID)

Shutdown triggers a remote Shutdown and closure of the Session associated with the Device ID.

This will not immediately close a Session. The Session will be removed when the Client acknowledges the shutdown request.

func (*Listener) String

func (l *Listener) String() string

String returns the Name of this Listener.

func (*Listener) Wait

func (l *Listener) Wait()

Wait will block until the current socket associated with this Listener is closed and shutdown.

type MultiWrapper

type MultiWrapper []Wrapper

MultiWrapper is an alias for an array of Wrappers.

This will preform the wrapper/unwrapping operations in the order of the array.

This is automatically created by some Profile instances when multiple Wrappers are present.

func (MultiWrapper) Unwrap

func (m MultiWrapper) Unwrap(r io.Reader) (io.Reader, error)

Unwrap satisfies the Wrapper interface.

func (MultiWrapper) Wrap

Wrap satisfies the Wrapper interface.

type Mux

type Mux interface {
	Handle(*Session, *com.Packet) bool
}

Mux is an interface that handles Packets when they arrive for Processing.

type MuxFunc

type MuxFunc func(*Session, *com.Packet) bool

MuxFunc is the definition of a Mux Handler function.

Once wrapped as a 'MuxFunc', these function aliases can be also used in place of the Mux interface.

func (MuxFunc) Handle

func (m MuxFunc) Handle(s *Session, n *com.Packet) bool

Handle satisfies the Mux interface requirement and will process the received Packet.

This function allows Wrapped MuxFunc objects to be used directly in place of more complex Mux definitions.

type Profile

type Profile interface {
	Jitter() int8
	Switch(bool) bool
	Sleep() time.Duration
	Next() (string, Wrapper, Transform)
	Connect(context.Context, string) (net.Conn, error)
	Listen(context.Context, string) (net.Listener, error)
}

Profile is an interface that defines a C2 connection.

This is used for setting the specifics that wil be used to listen by servers and for connections by clients.

type Proxy

type Proxy struct {
	// contains filtered or unexported fields
}

Proxy is a struct that controls a Proxied connection between a client and a server and allows for packets to be routed through a current established Session.

func (*Proxy) Address added in v0.1.0

func (p *Proxy) Address() string

Address returns the string representation of the address the Listener is bound to.

func (*Proxy) Close

func (p *Proxy) Close() error

Close stops the operation of the Proxy and any Sessions that may be connected.

Resources used with this Proxy will be freed up for reuse.

func (*Proxy) Done added in v0.2.0

func (p *Proxy) Done() <-chan struct{}

Done returns a channel that's closed when this Proxy is closed.

This can be used to monitor a Proxy's status using a select statement.

func (*Proxy) IsActive

func (p *Proxy) IsActive() bool

IsActive returns true if the Proxy is still able to send and receive Packets.

func (*Proxy) Wait

func (p *Proxy) Wait()

Wait will block until the current Proxy is closed and shutdown.

type Server

type Server struct {
	New      func(*Session)
	Oneshot  func(*com.Packet)
	Shutdown func(*Session)
	// contains filtered or unexported fields
}

Server is the manager for all C2 Listener and Sessions connection and states. This struct also manages all events and connection changes.

func NewServer

func NewServer(l logx.Log) *Server

NewServer creates a new Server instance for managing C2 Listeners and Sessions.

If the supplied Log is nil, the 'logx.NOP' log will be used.

func NewServerContext

func NewServerContext(x context.Context, l logx.Log) *Server

NewServerContext creates a new Server instance for managing C2 Listeners and Sessions.

If the supplied Log is nil, the 'logx.NOP' log will be used.

This function will use the supplied Context as the base context for cancelation.

func (*Server) Close

func (s *Server) Close() error

Close stops the processing thread from this Server and releases all associated resources.

This will signal the shutdown of all attached Listeners and Sessions.

func (*Server) Connected

func (s *Server) Connected() []*Session

Connected returns an array of all the current Sessions connected to Listeners running on this Server instance.

func (*Server) Done added in v0.2.0

func (s *Server) Done() <-chan struct{}

Done returns a channel that's closed when this Server is closed.

This can be used to monitor a Server's status using a select statement.

func (*Server) IsActive

func (s *Server) IsActive() bool

IsActive returns true if this Server is still able to Process events.

func (*Server) JSON added in v0.1.0

func (s *Server) JSON(w io.Writer) error

JSON returns the data of this Server as a JSON blob.

func (*Server) Listen

func (s *Server) Listen(n string, p Profile) (*Listener, error)

Listen adds the Listener under the name provided. A Listener struct to control and receive callback functions is added to assist in managing connections to this Listener.

func (*Server) ListenContext added in v0.1.0

func (s *Server) ListenContext(x context.Context, n string, p Profile) (*Listener, error)

ListenContext adds the Listener under the name provided. A Listener struct to control and receive callback functions is added to assist in managing connections to this Listener.

This function version allows for overriting the Context passed to the Session.

func (*Server) Listener added in v0.0.6

func (s *Server) Listener(n string) *Listener

Listener returns the lister with the provided name if it exists, nil otherwise.

func (*Server) Listeners added in v0.0.6

func (s *Server) Listeners() []*Listener

Listeners returns all the Listeners current active on this Server.

func (*Server) MarshalJSON

func (s *Server) MarshalJSON() ([]byte, error)

MarshalJSON fulfils the JSON Marshaler interface.

func (*Server) Session added in v0.0.6

func (s *Server) Session(i device.ID) *Session

Session returns the Session that matches the specified Device ID.

This function will return nil if no matching Device ID is found.

func (*Server) SetLog added in v0.1.0

func (s *Server) SetLog(l logx.Log)

SetLog will set the internal logger used by the Server and any underlying Listeners, Sessions and Proxies.

This function is a NOP if the logger is nil or logging is not enabled via the 'implant' build tag.

func (*Server) Wait

func (s *Server) Wait()

Wait will block until the current Server is closed and shutdown.

type Session

type Session struct {
	Last, Created time.Time

	Mux Mux

	Shutdown func(*Session)
	Receive  func(*Session, *com.Packet)

	Device device.Machine

	ID device.ID
	// contains filtered or unexported fields
}

Session is a struct that represents a connection between the client and the Listener.

This struct does some automatic handeling and acts as the communication channel between the client and server.

func Connect

func Connect(l logx.Log, p Profile) (*Session, error)

Connect creates a Session using the supplied Profile to connect to the listening server specified in the Profile.

A Session will be returned if the connection handshake succeeds, otherwise a connection-specific error will be returned.

func ConnectContext added in v0.1.0

func ConnectContext(x context.Context, l logx.Log, p Profile) (*Session, error)

ConnectContext creates a Session using the supplied Profile to connect to the listening server specified in the Profile.

A Session will be returned if the connection handshake succeeds, otherwise a connection-specific error will be returned.

This function version allows for setting the Context passed to the Session.

func Load added in v0.2.0

func Load(l logx.Log, n string, t time.Duration) (*Session, error)

Load will attempt to find a Session in another process or thread that is pending Migration. This function will look on the Pipe name provided for the specified duration period.

If a Session is found, it is loaded and the provided log is used for the local Session log.

If a Session is not found, or errors, this function returns an error message or a timeout with a nil Session.

func LoadContext added in v0.2.0

func LoadContext(x context.Context, l logx.Log, n string, t time.Duration) (*Session, error)

LoadContext will attempt to find a Session in another process or thread that is pending Migration. This function will look on the Pipe name provided for the specified duration period.

If a Session is found, it is loaded and the provided log and Context are used for the local Session log and parent Context.

If a Session is not found, or errors, this function returns an error message or a timeout with a nil Session.

func LoadOrConnect added in v0.2.0

func LoadOrConnect(x context.Context, l logx.Log, n string, t time.Duration, p Profile) (*Session, error)

LoadOrConnect will attempt to find a Session in another process or thread that is pending Migration. This function will look on the Pipe name provided for the specified duration period.

If a Session is found, it is loaded and the provided log and Context are used for the local Session log and parent Context.

If a Session is not found or the Migration fails with an error, then this function creates a Session using the supplied Profile to connect to the listening server specified in the Profile.

A Session will be returned if the connection handshake succeeds, otherwise a connection-specific error will be returned.

func (*Session) Close

func (s *Session) Close() error

Close stops the listening thread from this Session and releases all associated resources.

This function blocks until the running threads close completely.

func (*Session) Done added in v0.2.0

func (s *Session) Done() <-chan struct{}

Done returns a channel that's closed when this Session is closed.

This can be used to monitor a Session's status using a select statement.

func (*Session) InChannel added in v0.1.0

func (s *Session) InChannel() bool

InChannel will return true is this Session sets the Channel flag on any Packets that flow through this Session, including Proxied clients or if this Session is currently in Channel mode, even if not explicitly set.

func (*Session) IsActive

func (s *Session) IsActive() bool

IsActive returns true if this Session is still able to send and receive Packets.

func (*Session) IsClient

func (s *Session) IsClient() bool

IsClient returns true when this Session is not associated to a Listener on this end, which signifies that this session is Client initiated or we are on a client device.

func (*Session) IsClosed added in v0.2.0

func (s *Session) IsClosed() bool

IsClosed returns true if the Session is considered "Closed" and cannot send/receive Packets.

func (*Session) IsProxy

func (s *Session) IsProxy() bool

IsProxy returns true when a Proxy has been attached to this Session and is active.

func (*Session) JSON added in v0.0.6

func (s *Session) JSON(w io.Writer) error

JSON returns the data of this Session as a JSON blob.

func (*Session) Jitter

func (s *Session) Jitter() uint8

Jitter returns the Jitter percentage value. Values of zero (0) indicate that Jitter is disabled.

func (*Session) Job added in v0.0.6

func (s *Session) Job(i uint16) *Job

Job returns a Job with the associated ID, if it exists. It returns nil otherwise.

func (*Session) Jobs added in v0.0.6

func (s *Session) Jobs() []*Job

Jobs returns all current Jobs for this Session.

This returns nil if there are no Jobs or this Session does not have the ability to schedule them.

func (*Session) Listener added in v0.0.6

func (s *Session) Listener() *Listener

Listener will return the Listener that created the Session. This will return nil if the session is not on the server side.

func (*Session) MarshalJSON

func (s *Session) MarshalJSON() ([]byte, error)

MarshalJSON fulfils the JSON Marshaler interface.

func (*Session) Migrate added in v0.2.0

func (s *Session) Migrate(wait bool, n string, job uint16, r runnable) (uint32, error)

Migrate will execute the provided runnable and will wait up to 60 seconds (can be changed using 'MigrateProfile') to transfer execution control to the new runnable using a Pipe connection with the name provided.

This function uses the Profile that was used to create this Session. This will fail if the Profile is not binary Marshalable.

If 'wait' is true, this will wait for all events to complete before starting the Migration process.

The provided JobID will be used to indicate to the server that the associated Migration Task was completed, as the new client will sent a 'RvMigrate' with the associated JobID once Migration has completed successfully.

The return values for this function are the new PID used and any errors that may have occurred during Migration.

func (*Session) MigrateProfile added in v0.2.0

func (s *Session) MigrateProfile(wait bool, n string, b []byte, job uint16, t time.Duration, e runnable) (uint32, error)

MigrateProfile will execute the provided runnable and will wait up to the provided duration to transfer execution control to the new runnable using a Pipe connection with the name provided.

This function uses the provided profile bytes unless the byte slice is empty, then this will use the Profile that was used to create this Session. This will fail if the Profile is not binary Marshalable.

If 'wait' is true, this will wait for all events to complete before starting the Migration process.

The provided JobID will be used to indicate to the server that the associated Migration Task was completed, as the new client will sent a 'RvMigrate' with the associated JobID once Migration has completed successfully.

The return values for this function are the new PID used and any errors that may have occurred during Migration.

func (*Session) Packets

func (s *Session) Packets() <-chan *com.Packet

Packets will create and setup the Packet receiver channel. This function will then return the read-only Packet channel for use.

This function is safe to use multiple times as it will return the same chan if it already exists.

func (*Session) Proxy

func (s *Session) Proxy(p Profile) (*Proxy, error)

Proxy establishes a new listening Proxy connection using the supplied Profile that will send any received Packets "upstream" via the current Session.

Packets destined for hosts connected to this proxy will be routed back and forth on this Session.

This function will return an error if this is not a client Session or listening fails.

func (*Session) Read

func (s *Session) Read() *com.Packet

Read attempts to grab a Packet from the receiving buffer.

This function returns nil if the buffer is empty.

func (*Session) RemoteAddr

func (s *Session) RemoteAddr() string

RemoteAddr returns a string representation of the remotely connected IP address.

This could be the IP address of the c2 server or the public IP of the client.

func (*Session) Remove added in v0.0.6

func (s *Session) Remove()

Remove will instruct the parent Listener remove itself. This has no effect if the Session is a client Session.

func (*Session) Send

func (s *Session) Send(p *com.Packet)

Send adds the supplied Packet into the stack to be sent to the server on next wake. This call is asynchronous and returns immediately.

Unlike 'Write' this function does NOT return an error and will wait if the send buffer is full.

func (*Session) SetChannel

func (s *Session) SetChannel(c bool)

SetChannel will disable setting the Channel mode of this Session.

If true, every Packet sent will trigger Channel mode. This setting does NOT affect the Session enabling Channel mode if a Packet is sent with the Channel Flag enabled.

Changes to this setting will call the 'Wake' function.

func (*Session) SetDuration

func (s *Session) SetDuration(t time.Duration, j int) (*Job, error)

SetDuration sets the wake interval period and Jitter for this Session. This is the time value between connections to the C2 Server.

Jitter is a 0 to 100 percentage (inclusive) that will determine any +/- time is added to the waiting period. This assists in evading IDS/NDS devices/systems.

A value of 0 will disable Jitter and any value over 100 will set the value to 100, which represents using Jitter 100% of the time.

If this is a Server-side Session, the new value will be sent to the Client in a MvTime Packet.

func (*Session) SetJitter

func (s *Session) SetJitter(j int) (*Job, error)

SetJitter sets Jitter percentage of the Session's wake interval. This is a 0 to 100 percentage (inclusive) that will determine any +/- time is added to the waiting period. This assists in evading IDS/NDS devices/systems.

A value of 0 will disable Jitter and any value over 100 will set the value to 100, which represents using Jitter 100% of the time.

If this is a Server-side Session, the new value will be sent to the Client in a MvTime Packet.

func (*Session) SetProfile added in v0.2.0

func (s *Session) SetProfile(p Profile) (*Job, error)

SetProfile will set the Profile used by this Session. This function will ensure that the profile is marshalable before setting and will then pass it to be set by the client Session (if this isn't one already).

If this is a server-side Session, this will trigger the sending of a MvProfile Packet to update the client-side instance, which will update on it's next wakeup cycle.

If this is a client-side session the error 'ErrNoTask' will be returned AFTER setting the Profile and indicates that no Packet will be sent and that the Job object result is nil.

func (*Session) SetProfileBytes added in v0.2.0

func (s *Session) SetProfileBytes(b []byte) (*Job, error)

SetProfileBytes will set the Profile used by this Session. This function will unmarshal and set the server-side before setting and will then pass it to be set by the client Session (if this isn't one already).

If this is a server-side Session, this will trigger the sending of a MvProfile Packet to update the client-side instance, which will update on it's next wakeup cycle.

This function will fail if no ProfileParser is set.

If this is a client-side session the error 'ErrNoTask' will be returned AFTER setting the Profile and indicates that no Packet will be sent and that the Job object result is nil.

func (*Session) SetSleep

func (s *Session) SetSleep(t time.Duration) (*Job, error)

SetSleep sets the wake interval period for this Session. This is the time value between connections to the C2 Server.

If this is a Server-side Session, the new value will be sent to the Client in a MvTime Packet. This setting does not affect Jitter.

func (*Session) Spawn added in v0.2.0

func (s *Session) Spawn(n string, r runnable) (uint32, error)

Spawn will execute the provided runnable and will wait up to the provided duration to transfer profile and Session information to the new runnable using a Pipe connection with the name provided. Once complete, and additional copy of this Session (with a different ID) will exist.

This function uses the Profile that was used to create this Session. This will fail if the Profile is not binary Marshalable.

The return values for this function are the new PID used and any errors that may have occurred during the Spawn.

func (*Session) SpawnProfile added in v0.2.0

func (s *Session) SpawnProfile(n string, b []byte, t time.Duration, e runnable) (uint32, error)

SpawnProfile will execute the provided runnable and will wait up to the provided duration to transfer profile and Session information to the new runnable using a Pipe connection with the name provided. Once complete, and additional copy of this Session (with a different ID) will exist.

This function uses the provided profile bytes unless the byte slice is empty, then this will use the Profile that was used to create this Session. This will fail if the Profile is not binary Marshalable.

The return values for this function are the new PID used and any errors that may have occurred during the Spawn.

func (*Session) String

func (s *Session) String() string

String returns the details of this Session as a string.

func (*Session) Task added in v0.1.0

func (s *Session) Task(n *com.Packet) (*Job, error)

Task is a function that will attach a JobID to the specified Packet (if empty) and wil return a Job promise that can be used to internally keep track of a response Packet with a matching Job ID.

Errors will be returned if Task is attempted on an invalid Packet, this Session is a client-side Session, Job ID is already used or the scheduler is full.

func (*Session) Tasklet added in v0.2.0

func (s *Session) Tasklet(t task.Tasklet) (*Job, error)

Tasklet is a function similar to Task and will attach a JobID to the specified Packet created by the supplied Tasklet and wil return a Job promise that can be used to internally keep track of a response Packet with a matching Job ID.

If the Tasklet has an issue generating the payload, it will return an error before scheduling.

Errors will be returned if Task is attempted on an invalid Packet, this Session is a client-side Session, Job ID is already or the scheduler is full.

func (*Session) Time

func (s *Session) Time() time.Duration

Time returns the value for the timeout period between C2 Server connections.

func (*Session) Wait

func (s *Session) Wait()

Wait will block until the current Session is closed and shutdown.

func (*Session) Wake

func (s *Session) Wake()

Wake will interrupt the sleep of the current Session thread. This will trigger the send and receive functions of this Session.

This is not valid for Server side Sessions.

func (*Session) Write

func (s *Session) Write(p *com.Packet) error

Write adds the supplied Packet into the stack to be sent to the server on the next wake. This call is asynchronous and returns immediately.

'ErrFullBuffer' will be returned if the send buffer is full.

type Static added in v0.1.0

type Static struct {
	// W is the Wrapper
	W Wrapper
	// T is the Transform
	T Transform
	// L is the Acceptor or Server Listener Connector
	L Accepter
	// C is the Connector or Client Connector
	C Connector
	// H is the Target Host or Listen Address
	H string
	// S is the Sleep duration
	S time.Duration
	// J is the Jitter percentage
	J int8
}

Static is a simple static Profile implementation.

This struct fills all the simple values for a Profile without anything Fancy.

The single letter attributes represent the values that are used.

If 'S' or 'J' are omitted or zero values, they will be replaced with the DefaultJitter and DefaultSleep values respectively.

If the 'L' or 'C' values are omitted or nil, they will disable that function of this Profile.

func (Static) Connect added in v0.2.0

func (s Static) Connect(x context.Context, a string) (net.Conn, error)

Connect is a function that will preform a Connection attempt against the supplied address string.

This function may return an error if a connection could not be made or if this Profile does not support Client-side connections.

It is recommended for implementations to implement using the passed Context to stop in-flight calls.

func (Static) Jitter added in v0.1.0

func (s Static) Jitter() int8

Jitter fulfils the Profile interface.

func (Static) Listen added in v0.2.0

func (s Static) Listen(x context.Context, a string) (net.Listener, error)

Listen is a function that will attempt to create a listening connection on the supplied address string.

This function may return an error if a listener could not be created or if this Profile does not support Server-side connections.

It is recommended for implementations to implement using the passed Context to stop running Listeners.

func (Static) Next added in v0.2.0

func (s Static) Next() (string, Wrapper, Transform)

Next is a function call that can be used to grab the Profile's current target along with the appropriate Wrapper and Transform.

Implementations of a Profile are recommend to ensure that this function does not affect how the Profile currently works until a call to 'Switch' as this WILL be called on startup of a Session.

func (Static) Sleep added in v0.1.0

func (s Static) Sleep() time.Duration

Sleep returns a value that indicates the amount of time a Session should wait before attempting communication again, modified by Jitter (if enabled).

Sleep MUST be greater than zero (0), any value that is zero or less is ignored and indicates that this profile does not set a Sleep value and will use the system default '60s'.

func (Static) Switch added in v0.2.0

func (Static) Switch(_ bool) bool

Switch is function that will indicate to the caller if the 'Next' function needs to be called. Calling this function has the potential to advanced the Profile group, if avaliable.

The supplied boolean must be true if the last call to 'Connect' ot 'Listen' resulted in an error or if a forced switch if warrented. This indicates to the Profile is "dirty" and a switchover must be done.

It is recommended to call the 'Next' function after if the result of this function is true.

Static Profile vairants may always return 'false' to prevent allocations.

type Transform

type Transform interface {
	Read([]byte, io.Writer) error
	Write([]byte, io.Writer) error
}

Transform is an interface that can modify the data BEFORE it is written or AFTER is read from a Connection.

Transforms may be used to mask and unmask communications as benign protocols such as DNS, FTP or HTTP.

type Wrapper

type Wrapper interface {
	Unwrap(io.Reader) (io.Reader, error)
	Wrap(io.WriteCloser) (io.WriteCloser, error)
}

Wrapper is an interface that wraps the binary streams into separate stream types. This allows for using encryption or compression (or both!).

Directories

Path Synopsis
Package cfg is used to generate Binary versions of C2 Profiles and can be used to create automatic Profile 'Groups' with multiple communication and encoding types to be used by a Single session.
Package cfg is used to generate Binary versions of C2 Profiles and can be used to create automatic Profile 'Groups' with multiple communication and encoding types to be used by a Single session.
Package cout is a simple log handeling solution for the c2 package.
Package cout is a simple log handeling solution for the c2 package.
Package task is a simple collection of Task based functions that cane be tasked to Sessions by the Server.
Package task is a simple collection of Task based functions that cane be tasked to Sessions by the Server.
Package transform is a simple container package for c2 Transform types.
Package transform is a simple container package for c2 Transform types.
Package wrapper is a simple container package for c2 Wrapper types.
Package wrapper is a simple container package for c2 Wrapper types.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL