result

package
v0.5.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Mar 20, 2023 License: GPL-3.0 Imports: 9 Imported by: 1

Documentation

Overview

Package result contains many helper functions to gather matching output from Job result packets.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func Assembly

func Assembly(n *com.Packet) (uintptr, uint32, int32, error)

Assembly will parse the RvResult Packet from a TvAssembly task.

The return result is a handle to the memory location of the Assembly code (as an uintptr), the resulting PID of the Assembly "host" and the exit code of the primary thread (if wait was specified, otherwise this is zero).

This function returns an error if any reading errors occur, the Packet is not in the expected format or the Packet is nil or empty.

func CheckDLL

func CheckDLL(n *com.Packet) (bool, error)

CheckDLL will parse the RvResult Packet from a TvCheck task.

The return result is true if the DLL provided is NOT hooked. A return value of false indicates that the DLL memory space differs from the on-disk value, which is an indicator of hooks.

This function returns an error if any reading errors occur, the Packet is not in the expected format or the Packet is nil or empty.

func DLL

func DLL(n *com.Packet) (uintptr, uint32, int32, error)

DLL will parse the RvResult Packet from a TvDLL task.

The return result is a handle to the memory location of the DLL (as an uintptr), the resulting PID of the DLL "host" and the exit code of the primary thread (if wait was specified, otherwise this is zero).

This function returns an error if any reading errors occur, the Packet is not in the expected format or the Packet is nil or empty.

func Download

func Download(n *com.Packet) (string, bool, uint64, io.Reader, error)

Download will parse the RvResult Packet from a TvDownload task.

The return result is the expended full file path on the host as a string, a boolean representing if the path requested is a directory (true if the path is a directory, false otherwise), the size of the data in bytes (zero if the target is a directory) and a reader with the resulting file data (empty if the target is a directory).

This function returns an error if any reading errors occur, the Packet is not in the expected format or the Packet is nil or empty.

func IsDebugged added in v0.3.1

func IsDebugged(n *com.Packet) (bool, error)

IsDebugged will parse the RvResult Packet from a TvCheckDebug task.

The return result is True if a debugger is detected, false otherwise.

This function returns an error if any reading errors occur, the Packet is not in the expected format or the Packet is nil or empty.

func Ls

func Ls(n *com.Packet) ([]os.FileInfo, error)

Ls will parse the RvResult Packet from a MvList task.

The return result is a slice of FileInfo interfaces that will return the data of the directory targeted.

This function returns an error if any reading errors occur, the Packet is not in the expected format or the Packet is nil or empty.

func Mounts

func Mounts(n *com.Packet) ([]string, error)

Mounts will parse the RvResult Packet from a MvMounts task.

The return result is a string list of all the exposed mount points on the client (drive letters on Windows).

This function returns an error if any reading errors occur, the Packet is not in the expected format or the Packet is nil or empty.

func Netcat added in v0.4.0

func Netcat(n *com.Packet) (io.Reader, error)

Netcat will parse the RvResult Packet from a TvNetcat task.

The return result is a Reader with the resulting output data from the read request. If reading was not done, this will just return nil.

This function returns an error if any reading errors occur, the Packet is not in the expected format or the Packet is nil.

func Process

func Process(n *com.Packet) (uint32, int32, io.Reader, error)

Process will parse the RvResult Packet from a TvExecute task.

The return result is the spawned PID of the new process and the resulting exit code and Stdout/Stderr data (if wait was specified, otherwise this the return code is zero and the reader will be empty).

This function returns an error if any reading errors occur, the Packet is not in the expected format or the Packet is nil or empty.

func ProcessDump added in v0.2.2

func ProcessDump(n *com.Packet) (io.Reader, error)

ProcessDump will parse the RvResult Packet from a TvProcDump task.

The return result is a Reader with the resulting dump data inside.

This function returns an error if any reading errors occur, the Packet is not in the expected format or the Packet is nil or empty.

func ProcessList added in v0.2.2

func ProcessList(n *com.Packet) ([]cmd.ProcessInfo, error)

ProcessList will parse the RvResult Packet from a TvProcList task.

The return result is a slice of 'cmd.ProcessInfo' structs that will indicate the current processes running on the target device.

This function returns an error if any reading errors occur, the Packet is not in the expected format or the Packet is nil or empty.

func Pull

func Pull(n *com.Packet) (string, uint64, io.Reader, error)

Pull will parse the RvResult Packet from a TvPull task.

The return result is the expended full file path on the host as a string, and the resulting count of bytes written to disk.

If the Pull path was empty, the returned results will instead be returned via the supplied Reader, which will not be nil. When this occurs the string and size values will be "" and zero.

This function returns an error if any reading errors occur, the Packet is not in the expected format or the Packet is nil or empty.

func PullExec

func PullExec(n *com.Packet) (uint32, int32, io.Reader, error)

PullExec will parse the RvResult Packet from a TvPullExecute task.

The return result is the spawned PID of the new process and the resulting exit code and Stdout/Stderr data (if wait was specified, otherwise this the return code is zero and the reader will be empty).

This function returns an error if any reading errors occur, the Packet is not in the expected format or the Packet is nil or empty.

func Pwd

func Pwd(n *com.Packet) (string, error)

Pwd will parse the RvResult Packet from a MvPwd task.

The return result is the current directory the client is located in.

This function returns an error if any reading errors occur, the Packet is not in the expected format or the Packet is nil or empty.

func Registry added in v0.2.3

func Registry(n *com.Packet) ([]regedit.Entry, bool, error)

Registry will parse the RvResult Packet from a TvRegistry task.

The return result is dependent on the resulting operation. If the result is from a 'RegLs' or 'RegGet' operation, this will return the resulting entries found (only one entry if this was a Get operation).

The boolean value will return true if the result was a valid registry command that returns no output, such as a Set operation.

This function returns an error if any reading errors occur, the Packet is not in the expected format or the Packet is nil or empty.

func ScreenShot added in v0.2.2

func ScreenShot(n *com.Packet) (io.Reader, error)

ScreenShot will parse the RvResult Packet from a TvScreenShot task.

The return result is a Reader with the resulting screenshot data encoded as a PNG image inside. (This can be directly written to disk as a PNG file).

This function returns an error if any reading errors occur, the Packet is not in the expected format or the Packet is nil or empty.

func Script added in v0.3.1

func Script(n *com.Packet) ([]*com.Packet, error)

Script will parse the RvResult Packet from a MvScript task.

The return result is a slice of the resulting Packet output. Some flags may have their error values set, so it is important to check beforehand.

This function returns an error if any reading errors occur, the Packet is not in the expected format or the Packet is nil or empty.

func Spawn

func Spawn(n *com.Packet) (uint32, error)

Spawn will parse the RvResult Packet from a MvSpawn task.

The return result is the new PID of the resulting Spawn operation.

This function returns an error if any reading errors occur, the Packet is not in the expected format or the Packet is nil or empty.

func SystemIO added in v0.2.5

func SystemIO(n *com.Packet) (string, uint64, bool, error)

SystemIO will parse the RvResult Packet from a TvSystemIO task.

The return result is dependent on the resulting operation. If the result is from a 'Move' or 'Copy' operation, this will return the resulting path and new file size.

The boolean value will return true if the result was a valid command that returns no output, such as a Touch, Delete or Kill operation.

This function returns an error if any reading errors occur, the Packet is not in the expected format or the Packet is nil or empty.

func Upload

func Upload(n *com.Packet) (string, uint64, error)

Upload will parse the RvResult Packet from a TvUpload task.

The return result is the expended full file path on the host as a string, and the resulting count of bytes written to disk.

This function returns an error if any reading errors occur, the Packet is not in the expected format or the Packet is nil or empty.

func UserLogins added in v0.4.2

func UserLogins(n *com.Packet) ([]device.Login, error)

UserLogins will parse the RvResult Packet from a TvLogins task.

The return result is a slice of 'device.Login' structs that will indicate the current active Sessions (Logins) on the target device.

This function returns an error if any reading errors occur, the Packet is not in the expected format or the Packet is nil or empty.

func UserProcessList added in v0.4.2

func UserProcessList(n *com.Packet) ([]cmd.ProcessInfo, error)

UserProcessList will parse the RvResult Packet from a TvLoginsProc task.

The return result is a slice of 'cmd.ProcessInfo' structs that will indicate the current processes running on the target device.

This function returns an error if any reading errors occur, the Packet is not in the expected format or the Packet is nil or empty.

func Whoami added in v0.5.0

func Whoami(n *com.Packet) (string, string, error)

Whoami will parse the RvResult Packet from a MvWhoami task.

The return result is the current username the client is running under and the path if the current Process.

This function returns an error if any reading errors occur, the Packet is not in the expected format or the Packet is nil or empty.

func Zombie

func Zombie(n *com.Packet) (uint32, int32, io.Reader, error)

Zombie will parse the RvResult Packet from a TvZombie task.

The return result is the spawned PID of the new process and the resulting exit code and Stdout/Stderr data (if wait was specified, otherwise this the return code is zero and the reader will be empty).

This function returns an error if any reading errors occur, the Packet is not in the expected format or the Packet is nil or empty.

Types

type FuncEntry added in v0.4.4

type FuncEntry struct {
	Hash     uint32
	Swapped  uintptr
	Original uintptr
	// contains filtered or unexported fields
}

FuncEntry is a simple struct that is used to describe the current status of function mappings. This struct is returned by a call to 'FuncRemaps' in a slice of current remaps.

Copied here from the winapi package.

func FuncRemapList added in v0.4.4

func FuncRemapList(n *com.Packet) ([]FuncEntry, error)

FuncRemapList will parse the RvResult Packet from a TvFuncMapList task.

The return result is a slice of 'FuncEntry' structs that will indicate the current function mappings on the target device.

This function returns an error if any reading errors occur, the Packet is not in the expected format or the Packet is nil or empty.

func (*FuncEntry) UnmarshalStream added in v0.4.4

func (e *FuncEntry) UnmarshalStream(r data.Reader) error

UnmarshalStream transforms this struct from a binary format that is read from the supplied data.Reader.

type Window added in v0.3.0

type Window struct {
	Name          string
	Flags         uint8
	Handle        uintptr
	X, Y          int32
	Width, Height int32
	// contains filtered or unexported fields
}

Window is a struct that represents a Windows Window. The handles are the same for the duration of the Window's existence.

Copied here from the winapi package.

func WindowList added in v0.3.0

func WindowList(n *com.Packet) ([]Window, error)

WindowList will parse the RvResult Packet from a TvWindows task.

The return result is a slice of 'Window' structs that will indicate the current Windows open on the target device.

This function returns an error if any reading errors occur, the Packet is not in the expected format or the Packet is nil or empty.

func (Window) IsMaximized added in v0.3.2

func (w Window) IsMaximized() bool

IsMaximized returns true if the Window state was maximized at the time of discovery.

func (Window) IsMinimized added in v0.3.2

func (w Window) IsMinimized() bool

IsMinimized returns true if the Window state was minimized at the time of discovery.

func (*Window) UnmarshalStream added in v0.3.0

func (w *Window) UnmarshalStream(r data.Reader) error

UnmarshalStream transforms this struct from a binary format that is read from the supplied data.Reader.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL