cfg

package
v0.3.9 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Aug 3, 2022 License: GPL-3.0 Imports: 23 Imported by: 2

Documentation

Overview

Package cfg is used to generate Binary versions of C2 Profiles and can be used to create automatic Profile 'Groups' with multiple communication and encoding types to be used by a Single session.

Index

Constants

View Source
const (
	// ConnectTCP will provide a TCP connection setting to the generated Profile.
	//
	// If multiple connections are contained in the current Config Group, a
	// 'ErrMultipleConnections' error will be returned during a build.
	ConnectTCP = cBit(0xC0)
	// ConnectTLS will provide a TLS over TCP connection setting to the generated
	// Profile.
	//
	// If multiple connections are contained in the current Config Group, a
	// 'ErrMultipleConnections' error will be returned during a build.
	//
	// This hint cannot be used as a Listener.
	ConnectTLS = cBit(0xC1)
	// ConnectUDP will provide a UCO connection setting to the generated Profile.
	//
	// If multiple connections are contained in the current Config Group, a
	// 'ErrMultipleConnections' error will be returned during a build.
	ConnectUDP = cBit(0xC2)
	// ConnectICMP will provide a ICMP connection setting to the generated Profile.
	//
	// If multiple connections are contained in the current Config Group, a
	// 'ErrMultipleConnections' error will be returned during a build.
	ConnectICMP = cBit(0xC3)
	// ConnectPipe will provide a Pipe connection setting to the generated Profile.
	//
	// If multiple connections are contained in the current Config Group, a
	// 'ErrMultipleConnections' error will be returned during a build.
	ConnectPipe = cBit(0xC4)
	// ConnectTLSNoVerify will provide a TLS over TCP connection setting to the
	// generated Profile.
	//
	// If multiple connections are contained in the current Config Group, a
	// 'ErrMultipleConnections' error will be returned during a build.
	//
	// This hint cannot be used as a Listener.
	ConnectTLSNoVerify = cBit(0xC5)
)
View Source
const (
	// SelectorLastValid is the default selection that will keep using the last
	// Group unless it fails. On a failure (or the first call), this will act
	// similar to 'SelectorRoundRobin'.
	//
	// Takes effect only if there are multiple Groups in this Config.
	// This value is GLOBAL and can be present in any Group!
	SelectorLastValid = cBit(0xAA)
	// SelectorRoundRobin is a selection option that will simply select the NEXT
	// Group on every connection attempt. This option is affected by the Group
	// weights set on each addition and will perfer higher numbered options in
	// order.
	//
	// Takes effect only if there are multiple Groups in this Config.
	// This value is GLOBAL and can be present in any Group!
	SelectorRoundRobin = cBit(0xAB)
	// SelectorRandom is a selection option that will ignore all weights and order
	// and will select an entry from the list randomally.
	//
	// Takes effect only if there are multiple Groups in this Config.
	// This value is GLOBAL and can be present in any Group!
	SelectorRandom = cBit(0xAC)
	// SelectorSemiRoundRobin is a selection option that will potentially select
	// the NEXT Group dependent on a random (25%) chance on every connection
	// attempt. This option is affected by the Group weights set on each addition
	// and will perfer higher numbered options in order. Otherwise, the last
	// group used is kept.
	//
	// Takes effect only if there are multiple Groups in this Config.
	// This value is GLOBAL and can be present in any Group!
	SelectorSemiRoundRobin = cBit(0xAD)
	// SelectorSemiRandom is a selection option that will ignore all weights and
	// order and will select an entry from the list randomally dependent on a
	// random (25%) chance on every connection attempt. Otherwise, the last
	// group used is kept.
	//
	// Takes effect only if there are multiple Groups in this Config.
	// This value is GLOBAL and can be present in any Group!
	SelectorSemiRandom = cBit(0xAE)
)
View Source
const (
	// WrapHex is a Setting that enables the Hex Wrapper for the generated Profile.
	WrapHex = cBit(0xD0)
	// WrapZlib is a Setting that enables the ZLIB Wrapper for the generated Profile.
	WrapZlib = cBit(0xD1)
	// WrapGzip is a Setting that enables the GZIP Wrapper for the generated Profile.
	WrapGzip = cBit(0xD2)
	// WrapBase64 is a Setting that enables the Base64 Wrapper for the generated
	// Profile.
	WrapBase64 = cBit(0xD3)
)
View Source
const (
	// Seperator is an entry that can be used to create Groups in Config instances.
	//
	// It is recommended to use the 'AddGroup' functions instead, but this can
	// be used to create more advanced Groupings.
	Seperator = cBit(0xFA)
)
View Source
const TransformB64 = cBit(0xE0)

TransformB64 is a Setting that enables the Base64 Transform for the generated Profile.

Variables

View Source
var (
	// ErrInvalidSetting is an error returned by the 'Profile' function if any
	// of the specified Settings are invalid or do contain valid information.
	//
	// The error returned will be a wrapped version of this error.
	ErrInvalidSetting = xerr.Sub("setting is invalid", 0x5D)
	// ErrMultipleTransforms is an error returned by the 'Profile' function if
	// more that one Transform Setting is attempted to be applied in the Config
	// Group.
	//
	// Unlike Wrappers, Transforms cannot be stacked.
	ErrMultipleTransforms = xerr.Sub("cannot add multiple transforms", 0x5E)
	// ErrMultipleConnections is an error returned by the 'Profile' function if more
	// that one Connection Hint Setting is attempted to be applied in the Config
	// Group.
	ErrMultipleConnections = xerr.Sub("cannot add multiple connections", 0x5F)
)

Functions

func Build

func Build(s ...Setting) (c2.Profile, error)

Build will combine the supplied settings and return a compiled Profile interface.

Validation or setting errors will be returned if they occur.

func Bytes

func Bytes(s ...Setting) []byte

Bytes will combine the supplied settings into a byte slice that can be used as a Config or written to disk.

func File

func File(s string) (c2.Profile, error)

File will attempt to read the file contents, parse the contents and return a compiled Profile interface.

Validation or setting errors will be returned if they occur or if any file I/O errors occur.

func JSON

func JSON(s ...Setting) ([]byte, error)

JSON will combine the supplied settings into a JSON payload and returned in a byte slice. This will return any validation errors during conversion.

Not valid when the 'nojson' tag is specified.

func Raw

func Raw(b []byte) (c2.Profile, error)

Raw will parse the raw bytes and return a compiled Profile interface.

Validation or setting errors will be returned if they occur.

func Reader

func Reader(r io.Reader) (c2.Profile, error)

Reader will attempt to read the reader data, parse the raw data and return a compiled Profile interface.

Validation or setting errors will be returned if they occur or if any I/O errors occur.

func Write

func Write(w io.Writer, s ...Setting) error

Write will combine the supplied settings into a byte slice that will be written to the supplied writer. Any errors during writing will be returned.

Types

type Config

type Config []byte

Config is a raw binary representation of settings for a C2 Profile. This can be used to save/load Profiles from a file or network location.

func Pack

func Pack(s ...Setting) Config

Pack will combine the supplied settings into a Config instance.

func (*Config) Add added in v0.2.0

func (c *Config) Add(s ...Setting)

Add will append the raw data of the supplied Settings to this Config instance.

func (*Config) AddGroup added in v0.2.0

func (c *Config) AddGroup(s ...Setting)

AddGroup will append the supplied Settings to this Config. This will append the raw data Setting data to this Config with a seperator, indicating a new Profile.

func (Config) Build

func (c Config) Build() (c2.Profile, error)

Build will attempt to generate a 'c2.Profile' interface from this Config instance.

This function will return an 'ErrInvalidSetting' if any value in this Config instance is invalid or 'ErrMultipleConnections' if more than one connection is contained in this Config.

The similar error 'ErrMultipleTransforms' is similar to 'ErrMultipleConnections' but applies to Transforms, if more than one Transform is contained.

Multiple 'c2.Wrapper' instances will be combined into a 'c2.MultiWrapper' in the order they are found.

Other functions that may return errors on creation, like encryption wrappers for example, will stop the build process and will return that wrapped error.

func (Config) Bytes

func (c Config) Bytes() []byte

Bytes returns the byte version of this Config. This is the same as casting the Config instance as '[]byte(c)'.

func (Config) Group added in v0.2.0

func (c Config) Group(p int) Config

Group will attempt to extract the Config Group out of this Config based on it's position. Attempts to modify this Config slice will NOT modify the resulting parent Config. Modifying the parent Config after extracting a Group may invalidate this Group.

This can be used in combination with 'Groups' to iterate over the Groups in this Config.

If supplied '-1', this Config returns itself.

func (Config) Groups added in v0.2.0

func (c Config) Groups() int

Groups returns the number of Groups included in this Config. This determines how many Profiles are contained in this Config and will be generated when built.

Returns zero on an empty Config.

func (Config) Len

func (c Config) Len() int

Len returns the length of this Config instance. This is the same as 'len(c)'.

func (Config) MarshalJSON

func (c Config) MarshalJSON() ([]byte, error)

MarshalJSON will attempt to convert the raw binary data in this Config instance into a JSON formart.

The only error that may occur is 'ErrInvalidSetting' if an invalid setting or data value is encountered during conversion.

func (Config) String

func (c Config) String() string

String returns a string representation of the data included in this Config instance. Each separate setting will be seperated by commas.

func (*Config) UnmarshalJSON

func (c *Config) UnmarshalJSON(b []byte) error

UnmarshalJSON will attempt to convert the JSON data provided into this Config instance.

Errors during parsing or formatting will be returned along with the 'ErrInvalidSetting' error if parsed data contains invalid values.

func (Config) Validate added in v0.2.0

func (c Config) Validate() error

Validate is similar to the 'Build' function but will instead only validate that the supplied Config will build into a Profile without returning an error. The error returned (if not nil) will be the same as the error returned during a Build call.

This function will return an 'ErrInvalidSetting' if any value in this Config instance is invalid or 'ErrMultipleConnections' if more than one connection is contained in this Config.

The similar error 'ErrMultipleTransforms' is similar to 'ErrMultipleConnections' but applies to Transforms, if more than one Transform is contained.

Multiple 'c2.Wrapper' instances will be combined into a 'c2.MultiWrapper' in the order they are found.

Other functions that may return errors on creation, like encryption wrappers for example, will stop the build process and will return that wrapped error.

func (Config) Write

func (c Config) Write(w io.Writer) error

Write will attempt to write the contents of this Config instance to the specified Writer.

This function will return any errors that occurred during the write. This is a NOP if this Config is empty.

type Group added in v0.2.0

type Group struct {
	// contains filtered or unexported fields
}

Group is a struct that allows for using multiple connections for a single Session.

Groups are automatically created when a Config is built into a Profile that contains multiple Profile 'Groups'.

func (*Group) Connect added in v0.2.0

func (g *Group) Connect(x context.Context, s string) (net.Conn, error)

Connect is a function that will preform a Connection attempt against the supplied address string. This function may return an error if a connection could not be made or if this Profile does not support Client-side connections.

It is recommended for implementations to implement using the passed Context to stop in-flight calls.

func (*Group) Jitter added in v0.2.0

func (g *Group) Jitter() int8

Jitter returns a value that represents a percentage [0-100] that will be taken into account by a Session in order to skew it's connection timeframe.

The value zero (0) is used to signify that Jitter is disabled. Other values greater than one hundred (100) are ignored, as well as values below zero.

The special value '-1' indicates that this Profile does not set a Jitter value and to use the system default '10%'.

func (*Group) Len added in v0.2.0

func (g *Group) Len() int

Len implements the 'sort.Interface' interface, this allows for a Group to be sorted.

func (*Group) Less added in v0.2.0

func (g *Group) Less(i, j int) bool

Less implements the 'sort.Interface' interface, this allows for a Group to be sorted.

func (*Group) Listen added in v0.2.0

func (g *Group) Listen(x context.Context, s string) (net.Listener, error)

Listen is a function that will attempt to create a listening connection on the supplied address string. This function may return an error if a listener could not be created or if this Profile does not support Server-side connections.

It is recommended for implementations to implement using the passed Context to stop running Listeners.

func (*Group) MarshalBinary added in v0.2.0

func (g *Group) MarshalBinary() ([]byte, error)

MarshalBinary allows the source of this Group to be retrived to be reused again.

This function returns an error if the source is not available.

func (*Group) Next added in v0.2.0

func (g *Group) Next() (string, c2.Wrapper, c2.Transform)

Next is a function call that can be used to grab the Profile's current target along with the appropriate Wrapper and Transform.

Implementations of a Profile are recommend to ensure that this function does not affect how the Profile currently works until a call to 'Switch' as this WILL be called on startup of a Session.

func (*Group) Sleep added in v0.2.0

func (g *Group) Sleep() time.Duration

Sleep returns a value that indicates the amount of time a Session should wait before attempting communication again, modified by Jitter (if enabled).

Sleep MUST be greater than zero (0), any value that is zero or less is ignored and indicates that this profile does not set a Sleep value and will use the system default '60s'.

func (*Group) Swap added in v0.2.0

func (g *Group) Swap(i, j int)

Swap implements the 'sort.Interface' interface, this allows for a Group to be sorted.

func (*Group) Switch added in v0.2.0

func (g *Group) Switch(e bool) bool

Switch is function that will indicate to the caller if the 'Next' function needs to be called. Calling this function has the potential to advanced the Profile group, if avaliable.

The supplied boolean must be true if the last call to 'Connect' ot 'Listen' resulted in an error or if a forced switch if warrented. This indicates to the Profile is "dirty" and a switchover must be done.

It is recommended to call the 'Next' function after if the result of this function is true.

Static Profile vairants may always return 'false' to prevent allocations.

type Setting

type Setting interface {
	// contains filtered or unexported methods
}

Setting is an interface that represents a C2 Profile setting in binary form.

This can be used to generate a C2 Profile from binary data or write a Profile to a binary stream or JSON payload (if enabled).

func ConnectIP

func ConnectIP(p uint) Setting

ConnectIP will provide a IP connection setting to the generated Profile with the specified protocol number.

If multiple connections are contained in the current Config Group, a 'ErrMultipleConnections' error will be returned during a build.

func ConnectMuTLS

func ConnectMuTLS(ver uint16, ca, pem, key []byte) Setting

ConnectMuTLS will provide a TLS connection setting to the generated Profile with the specified TLS config that will allow for a complete mTLS setup.

This can be used for Listeners and Connectors, but the CA PEM data provided MUST be able to validate the client certificates, otherwise connections will fail.

Using the version value '0' will use the system default (same as the ConnectTLS option). Empty PEM blocks will render and error on build.

If multiple connections are contained in the current Config Group, a 'ErrMultipleConnections' error will be returned during a build.

func ConnectTLSCerts

func ConnectTLSCerts(ver uint16, pem, key []byte) Setting

ConnectTLSCerts will provide a TLS connection setting to the generated Profile with the specified TLS config that will allow for a Listener to use the specified PEM and Private Key data in PEM format for listening.

This will also work as a Connector and can use the specified certificate for TLS authentication.

Using the version value '0' will use the system default (same as the ConnectTLS option). Empty PEM blocks will render and error on build.

If multiple connections are contained in the current Config Group, a 'ErrMultipleConnections' error will be returned during a build.

func ConnectTLSEx

func ConnectTLSEx(ver uint16) Setting

ConnectTLSEx will provide a TLS connection setting to the generated Profile with the specified TLS minimum version specified. Using the version value '0' will use the system default (same as the ConnectTLS option).

If multiple connections are contained in the current Config Group, a 'ErrMultipleConnections' error will be returned during a build.

This hint cannot be used as a Listener.

func ConnectTLSExCA

func ConnectTLSExCA(ver uint16, ca []byte) Setting

ConnectTLSExCA will provide a TLS connection setting to the generated Profile with the specified TLS minimum version and will use the specified PEM bytes as the Root CA to trust when connecting.

Using the version value '0' will use the system default (same as the ConnectTLS option). Empty PEM blocks will default to system root CAs.

If multiple connections are contained in the current Config Group, a 'ErrMultipleConnections' error will be returned during a build.

This hint cannot be used as a Listener.

func ConnectWC2

func ConnectWC2(url, host, agent string, headers map[string]string) Setting

ConnectWC2 will provide a WebC2 connection setting to the generated Profile with the specified User-Agent, URL and Host Matcher strings (strings can be empty).

If multiple connections are contained in the current Config Group, a 'ErrMultipleConnections' error will be returned during a build.

This hint cannot be used as a Listener.

func Host

func Host(s string) Setting

Host will return a Setting that will specify a host setting to the profile. If empty, this value is ignored.

This may be included multiple times to add multiple Host entries to be used in a single Group entry.

func Jitter

func Jitter(n uint) Setting

Jitter returns a Setting that will specify the Jitter setting of the generated Profile. Only Jitter values from zero to one-hundred [0-100] are valid.

Other values are ignored and replaced with the default.

func Sleep

func Sleep(t time.Duration) Setting

Sleep returns a Setting that will specify the Sleep timeout setting of the generated Profile. Values of zero and below are ignored.

func TransformB64Shift

func TransformB64Shift(s int) Setting

TransformB64Shift returns a Setting that will apply the Base64 Shift Transform to the generated Profile. The specified number will be the shift index of the Transform.

If a Transform Setting is already contained in the current Config Group, a 'ErrMultipleTransforms' error will be returned when the 'Profile' function is called.

func TransformDNS

func TransformDNS(n ...string) Setting

TransformDNS returns a Setting that will apply the DNS Transform to the generated Profile. If any DNS Domains are specified, they will be used in the Transform.

If a Transform Setting is already contained in the current Config Group, a 'ErrMultipleTransforms' error will be returned when the 'Profile' function is called.

func Weight added in v0.2.0

func Weight(w uint) Setting

Weight returns a Setting that will specify the Weight of the generated Profile. Weight is taken into account when multiple Profiles are included to make a multi-profile.

This option MUST be included in the Group to take effect. Not including this will set the value to zero (0). Multiple values in a Group will take the last value.

func WrapAES

func WrapAES(k, iv []byte) Setting

WrapAES returns a Setting that will apply the AES Wrapper to the generated Profile. The specified key and IV will be the AES Key and IV used.

func WrapCBK

func WrapCBK(a, b, c, d byte) Setting

WrapCBK returns a Setting that will apply the CBK Wrapper to the generated Profile. The specified ABC and Type values are the CBK letters used.

To specify the CBK buffer size, use the 'WrapCBKSize' function instead.

func WrapCBKSize

func WrapCBKSize(s, a, b, c, d byte) Setting

WrapCBKSize returns a Setting that will apply the CBK Wrapper to the generated Profile. The specified Size, ABC and Type values and the CBK size and letters used.

func WrapXOR

func WrapXOR(k []byte) Setting

WrapXOR returns a Setting that will apply the XOR Wrapper to the generated Profile. The specified key will be the XOR key used.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL