Documentation ¶
Overview ¶
Package cfg is used to generate Binary versions of C2 Profiles and can be used to create automatic Profile 'Groups' with multiple communication and encoding types to be used by a Single session.
Index ¶
- Constants
- Variables
- func Build(s ...Setting) (c2.Profile, error)
- func Bytes(s ...Setting) []byte
- func File(s string) (c2.Profile, error)
- func JSON(s ...Setting) ([]byte, error)
- func Raw(b []byte) (c2.Profile, error)
- func Reader(r io.Reader) (c2.Profile, error)
- func Write(w io.Writer, s ...Setting) error
- type Config
- func (c *Config) Add(s ...Setting)
- func (c *Config) AddGroup(s ...Setting)
- func (c Config) Build() (c2.Profile, error)
- func (c Config) Bytes() []byte
- func (c Config) Group(p int) Config
- func (c Config) Groups() int
- func (c Config) Len() int
- func (c Config) MarshalJSON() ([]byte, error)
- func (c Config) String() string
- func (c *Config) UnmarshalJSON(b []byte) error
- func (c Config) Validate() error
- func (c Config) Write(w io.Writer) error
- type Group
- func (g *Group) Connect(x context.Context, s string) (net.Conn, error)
- func (g *Group) Jitter() int8
- func (g *Group) Len() int
- func (g *Group) Less(i, j int) bool
- func (g *Group) Listen(x context.Context, s string) (net.Listener, error)
- func (g *Group) MarshalBinary() ([]byte, error)
- func (g *Group) Next() (string, c2.Wrapper, c2.Transform)
- func (g *Group) Sleep() time.Duration
- func (g *Group) Swap(i, j int)
- func (g *Group) Switch(e bool) bool
- type Setting
- func ConnectIP(p uint) Setting
- func ConnectMuTLS(ver uint16, ca, pem, key []byte) Setting
- func ConnectTLSCerts(ver uint16, pem, key []byte) Setting
- func ConnectTLSEx(ver uint16) Setting
- func ConnectTLSExCA(ver uint16, ca []byte) Setting
- func ConnectWC2(url, host, agent string, headers map[string]string) Setting
- func Host(s string) Setting
- func Jitter(n uint) Setting
- func Sleep(t time.Duration) Setting
- func TransformB64Shift(s int) Setting
- func TransformDNS(n ...string) Setting
- func Weight(w uint) Setting
- func WrapAES(k, iv []byte) Setting
- func WrapCBK(a, b, c, d byte) Setting
- func WrapCBKSize(s, a, b, c, d byte) Setting
- func WrapXOR(k []byte) Setting
Constants ¶
const ( // ConnectTCP will provide a TCP connection setting to the generated Profile. // // If multiple connections are contained in the current Config Group, a // 'ErrMultipleConnections' error will be returned during a build. ConnectTCP = cBit(0xC0) // ConnectTLS will provide a TLS over TCP connection setting to the generated // Profile. // // If multiple connections are contained in the current Config Group, a // 'ErrMultipleConnections' error will be returned during a build. // // This hint cannot be used as a Listener. ConnectTLS = cBit(0xC1) // ConnectUDP will provide a UCO connection setting to the generated Profile. // // If multiple connections are contained in the current Config Group, a // 'ErrMultipleConnections' error will be returned during a build. ConnectUDP = cBit(0xC2) // ConnectICMP will provide a ICMP connection setting to the generated Profile. // // If multiple connections are contained in the current Config Group, a // 'ErrMultipleConnections' error will be returned during a build. ConnectICMP = cBit(0xC3) // ConnectPipe will provide a Pipe connection setting to the generated Profile. // // If multiple connections are contained in the current Config Group, a // 'ErrMultipleConnections' error will be returned during a build. ConnectPipe = cBit(0xC4) // ConnectTLSNoVerify will provide a TLS over TCP connection setting to the // generated Profile. // // If multiple connections are contained in the current Config Group, a // 'ErrMultipleConnections' error will be returned during a build. // // This hint cannot be used as a Listener. ConnectTLSNoVerify = cBit(0xC5) )
const ( // SelectorLastValid is the default selection that will keep using the last // Group unless it fails. On a failure (or the first call), this will act // similar to 'SelectorRoundRobin'. // // Takes effect only if there are multiple Groups in this Config. // This value is GLOBAL and can be present in any Group! SelectorLastValid = cBit(0xAA) // SelectorRoundRobin is a selection option that will simply select the NEXT // Group on every connection attempt. This option is affected by the Group // weights set on each addition and will perfer higher numbered options in // order. // // Takes effect only if there are multiple Groups in this Config. // This value is GLOBAL and can be present in any Group! SelectorRoundRobin = cBit(0xAB) // SelectorRandom is a selection option that will ignore all weights and order // and will select an entry from the list randomally. // // Takes effect only if there are multiple Groups in this Config. // This value is GLOBAL and can be present in any Group! SelectorRandom = cBit(0xAC) // SelectorSemiRoundRobin is a selection option that will potentially select // the NEXT Group dependent on a random (25%) chance on every connection // attempt. This option is affected by the Group weights set on each addition // and will perfer higher numbered options in order. Otherwise, the last // group used is kept. // // Takes effect only if there are multiple Groups in this Config. // This value is GLOBAL and can be present in any Group! SelectorSemiRoundRobin = cBit(0xAD) // SelectorSemiRandom is a selection option that will ignore all weights and // order and will select an entry from the list randomally dependent on a // random (25%) chance on every connection attempt. Otherwise, the last // group used is kept. // // Takes effect only if there are multiple Groups in this Config. // This value is GLOBAL and can be present in any Group! SelectorSemiRandom = cBit(0xAE) )
const ( // WrapHex is a Setting that enables the Hex Wrapper for the generated Profile. WrapHex = cBit(0xD0) // WrapZlib is a Setting that enables the ZLIB Wrapper for the generated Profile. WrapZlib = cBit(0xD1) // WrapGzip is a Setting that enables the GZIP Wrapper for the generated Profile. WrapGzip = cBit(0xD2) // WrapBase64 is a Setting that enables the Base64 Wrapper for the generated // Profile. WrapBase64 = cBit(0xD3) )
const ( // Seperator is an entry that can be used to create Groups in Config instances. // // It is recommended to use the 'AddGroup' functions instead, but this can // be used to create more advanced Groupings. Seperator = cBit(0xFA) )
const TransformB64 = cBit(0xE0)
TransformB64 is a Setting that enables the Base64 Transform for the generated Profile.
Variables ¶
var ( // ErrInvalidSetting is an error returned by the 'Profile' function if any // of the specified Settings are invalid or do contain valid information. // // The error returned will be a wrapped version of this error. ErrInvalidSetting = xerr.Sub("setting is invalid", 0xD) // ErrMultipleTransforms is an error returned by the 'Profile' function if // more that one Transform Setting is attempted to be applied in the Config // Group. // // Unlike Wrappers, Transforms cannot be stacked. ErrMultipleTransforms = xerr.Sub("cannot add multiple transforms", 0x17) // ErrMultipleConnections is an error returned by the 'Profile' function if more // that one Connection Hint Setting is attempted to be applied in the Config // Group. ErrMultipleConnections = xerr.Sub("cannot add multiple connections", 0x17) )
Functions ¶
func Build ¶
Build will combine the supplied settings and return a compiled Profile interface.
Validation or setting errors will be returned if they occur.
func Bytes ¶
Bytes will combine the supplied settings into a byte slice that can be used as a Config or written to disk.
func File ¶
File will attempt to read the file contents, parse the contents and return a compiled Profile interface.
Validation or setting errors will be returned if they occur or if any file I/O errors occur.
func JSON ¶
JSON will combine the supplied settings into a JSON payload and returned in a byte slice. This will return any validation errors during conversion.
Not valid when the 'nojson' tag is specified.
func Raw ¶
Raw will parse the raw bytes and return a compiled Profile interface.
Validation or setting errors will be returned if they occur.
Types ¶
type Config ¶
type Config []byte
Config is a raw binary representation of settings for a C2 Profile. This can be used to save/load Profiles from a file or network location.
func (*Config) Add ¶ added in v0.2.0
Add will append the raw data of the supplied Settings to this Config instance.
func (*Config) AddGroup ¶ added in v0.2.0
AddGroup will append the supplied Settings to this Config. This will append the raw data Setting data to this Config with a seperator, indicating a new Profile.
func (Config) Build ¶
Build will attempt to generate a 'c2.Profile' interface from this Config instance.
This function will return an 'ErrInvalidSetting' if any value in this Config instance is invalid or 'ErrMultipleConnections' if more than one connection is contained in this Config.
The similar error 'ErrMultipleTransforms' is similar to 'ErrMultipleConnections' but applies to Transforms, if more than one Transform is contained.
Multiple 'c2.Wrapper' instances will be combined into a 'c2.MultiWrapper' in the order they are found.
Other functions that may return errors on creation, like encryption wrappers for example, will stop the build process and will return that wrapped error.
func (Config) Bytes ¶
Bytes returns the byte version of this Config. This is the same as casting the Config instance as '[]byte(c)'.
func (Config) Group ¶ added in v0.2.0
Group will attempt to extract the Config Group out of this Config based on it's position. Attempts to modify this Config slice will NOT modify the resulting parent Config. Modifying the parent Config after extracting a Group may invalidate this Group.
This can be used in combination with 'Groups' to iterate over the Groups in this Config.
If supplied '-1', this Config returns itself.
func (Config) Groups ¶ added in v0.2.0
Groups returns the number of Groups included in this Config. This determines how many Profiles are contained in this Config and will be generated when built.
Returns zero on an empty Config.
func (Config) MarshalJSON ¶
MarshalJSON will attempt to convert the raw binary data in this Config instance into a JSON formart.
The only error that may occur is 'ErrInvalidSetting' if an invalid setting or data value is encountered during conversion.
func (Config) String ¶
String returns a string representation of the data included in this Config instance. Each separate setting will be seperated by commas.
func (*Config) UnmarshalJSON ¶
UnmarshalJSON will attempt to convert the JSON data provided into this Config instance.
Errors during parsing or formatting will be returned along with the 'ErrInvalidSetting' error if parsed data contains invalid values.
func (Config) Validate ¶ added in v0.2.0
Validate is similar to the 'Build' function but will instead only validate that the supplied Config will build into a Profile without returning an error. The error returned (if not nil) will be the same as the error returned during a Build call.
This function will return an 'ErrInvalidSetting' if any value in this Config instance is invalid or 'ErrMultipleConnections' if more than one connection is contained in this Config.
The similar error 'ErrMultipleTransforms' is similar to 'ErrMultipleConnections' but applies to Transforms, if more than one Transform is contained.
Multiple 'c2.Wrapper' instances will be combined into a 'c2.MultiWrapper' in the order they are found.
Other functions that may return errors on creation, like encryption wrappers for example, will stop the build process and will return that wrapped error.
type Group ¶ added in v0.2.0
type Group struct {
// contains filtered or unexported fields
}
Group is a struct that allows for using multiple connections for a single Session.
Groups are automatically created when a Config is built into a Profile that contains multiple Profile 'Groups'.
func (*Group) Connect ¶ added in v0.2.0
Connect is a function that will preform a Connection attempt against the supplied address string. This function may return an error if a connection could not be made or if this Profile does not support Client-side connections.
It is recommended for implementations to implement using the passed Context to stop in-flight calls.
func (*Group) Jitter ¶ added in v0.2.0
Jitter returns a value that represents a percentage [0-100] that will be taken into account by a Session in order to skew it's connection timeframe.
The value zero (0) is used to signify that Jitter is disabled. Other values greater than one hundred (100) are ignored, as well as values below zero.
The special value '-1' indicates that this Profile does not set a Jitter value and to use the system default '10%'.
func (*Group) Len ¶ added in v0.2.0
Len implements the 'sort.Interface' interface, this allows for a Group to be sorted.
func (*Group) Less ¶ added in v0.2.0
Less implements the 'sort.Interface' interface, this allows for a Group to be sorted.
func (*Group) Listen ¶ added in v0.2.0
Listen is a function that will attempt to create a listening connection on the supplied address string. This function may return an error if a listener could not be created or if this Profile does not support Server-side connections.
It is recommended for implementations to implement using the passed Context to stop running Listeners.
func (*Group) MarshalBinary ¶ added in v0.2.0
MarshalBinary allows the source of this Group to be retrived to be reused again.
This function returns an error if the source is not available.
func (*Group) Next ¶ added in v0.2.0
Next is a function call that can be used to grab the Profile's current target along with the appropriate Wrapper and Transform.
Implementations of a Profile are recommend to ensure that this function does not affect how the Profile currently works until a call to 'Switch' as this WILL be called on startup of a Session.
func (*Group) Sleep ¶ added in v0.2.0
Sleep returns a value that indicates the amount of time a Session should wait before attempting communication again, modified by Jitter (if enabled).
Sleep MUST be greater than zero (0), any value that is zero or less is ignored and indicates that this profile does not set a Sleep value and will use the system default '60s'.
func (*Group) Swap ¶ added in v0.2.0
Swap implements the 'sort.Interface' interface, this allows for a Group to be sorted.
func (*Group) Switch ¶ added in v0.2.0
Switch is function that will indicate to the caller if the 'Next' function needs to be called. Calling this function has the potential to advanced the Profile group, if avaliable.
The supplied boolean must be true if the last call to 'Connect' ot 'Listen' resulted in an error or if a forced switch if warrented. This indicates to the Profile is "dirty" and a switchover must be done.
It is recommended to call the 'Next' function after if the result of this function is true.
Static Profile vairants may always return 'false' to prevent allocations.
type Setting ¶
type Setting interface {
// contains filtered or unexported methods
}
Setting is an interface represents a C2 Profile setting in binary form.
This can be used inside to generate a C2 Profile from binary data or write a Profile to a binary stream or from a JSON payload.
func ConnectIP ¶
ConnectIP will provide a IP connection setting to the generated Profile with the specified protocol number.
If multiple connections are contained in the current Config Group, a 'ErrMultipleConnections' error will be returned during a build.
func ConnectMuTLS ¶
ConnectMuTLS will provide a TLS connection setting to the generated Profile with the specified TLS config that will allow for a complete mTLS setup.
This can be used for Listeners and Connectors, but the CA PEM data provided MUST be able to validate the client certificates, otherwise connections will fail.
Using the version value '0' will use the system default (same as the ConnectTLS option). Empty PEM blocks will render and error on build.
If multiple connections are contained in the current Config Group, a 'ErrMultipleConnections' error will be returned during a build.
func ConnectTLSCerts ¶
ConnectTLSCerts will provide a TLS connection setting to the generated Profile with the specified TLS config that will allow for a Listener to use the specified PEM and Private Key data in PEM format for listening.
This will also work as a Connector and can use the specified certificate for TLS authentication.
Using the version value '0' will use the system default (same as the ConnectTLS option). Empty PEM blocks will render and error on build.
If multiple connections are contained in the current Config Group, a 'ErrMultipleConnections' error will be returned during a build.
func ConnectTLSEx ¶
ConnectTLSEx will provide a TLS connection setting to the generated Profile with the specified TLS minimum version specified. Using the version value '0' will use the system default (same as the ConnectTLS option).
If multiple connections are contained in the current Config Group, a 'ErrMultipleConnections' error will be returned during a build.
This hint cannot be used as a Listener.
func ConnectTLSExCA ¶
ConnectTLSExCA will provide a TLS connection setting to the generated Profile with the specified TLS minimum version and will use the specified PEM bytes as the Root CA to trust when connecting.
Using the version value '0' will use the system default (same as the ConnectTLS option). Empty PEM blocks will default to system root CAs.
If multiple connections are contained in the current Config Group, a 'ErrMultipleConnections' error will be returned during a build.
This hint cannot be used as a Listener.
func ConnectWC2 ¶
ConnectWC2 will provide a WebC2 connection setting to the generated Profile with the specified User-Agent, URL and Host Matcher strings (strings can be empty).
If multiple connections are contained in the current Config Group, a 'ErrMultipleConnections' error will be returned during a build.
This hint cannot be used as a Listener.
func Host ¶
Host will return a Setting that will specify a host setting to the profile. If empty, this value is ignored.
func Jitter ¶
Jitter returns a Setting that will specify the Jitter setting of the generated Profile. Only Jitter values from zero to one-hundred [0-100] are valid.
Other values are ignored and replaced with the default.
func Sleep ¶
Sleep returns a Setting that will specify the Sleep timeout setting of the generated Profile. Values of zero and below are ignored.
func TransformB64Shift ¶
TransformB64Shift returns a Setting that will apply the Base64 Shift Transform to the generated Profile. The specified number will be the shift index of the Transform.
If a Transform Setting is already contained in the current Config Group, a 'ErrMultipleTransforms' error will be returned when the 'Profile' function is called.
func TransformDNS ¶
TransformDNS returns a Setting that will apply the DNS Transform to the generated Profile. If any DNS Domains are specified, they will be used in the Transform.
If a Transform Setting is already contained in the current Config Group, a 'ErrMultipleTransforms' error will be returned when the 'Profile' function is called.
func Weight ¶ added in v0.2.0
Weight returns a Setting that will specify the Weight of the generated Profile. Weight is taken into account when multiple Profiles are included to make a multi-profile.
This option MUST be included in the Group to take effect. Not including this will set the value to zero (0). Multiple values in a Group will take the last value.
func WrapAES ¶
WrapAES returns a Setting that will apply the AES Wrapper to the generated Profile. The specified key and IV will be the AES Key and IV used.
func WrapCBK ¶
WrapCBK returns a Setting that will apply the CBK Wrapper to the generated Profile. The specified ABC and Type values are the CBK letters used.
To specify the CBK buffer size, use the 'WrapCBKSize' function instead.
func WrapCBKSize ¶
WrapCBKSize returns a Setting that will apply the CBK Wrapper to the generated Profile. The specified Size, ABC and Type values and the CBK size and letters used.