Documentation ¶
Index ¶
- Constants
- Variables
- func APIListen()
- func APIMain()
- func AdaptiveTable(tableString string)
- func CliAlert(textColor color.Attribute, format string, a ...interface{})
- func CliAsk(prompt string, allow_empty bool) (answer string)
- func CliBanner() error
- func CliFatalError(format string, a ...interface{})
- func CliListCmds(w io.Writer)
- func CliListOptions()
- func CliMain()
- func CliMsg(format string, a ...interface{})
- func CliPrettyPrint(header1, header2 string, map2write *map[string]string)
- func CliPrint(format string, a ...interface{})
- func CliPrintDebug(format string, a ...interface{})
- func CliPrintError(format string, a ...interface{})
- func CliPrintInfo(format string, a ...interface{})
- func CliPrintSuccess(format string, a ...interface{})
- func CliPrintWarning(format string, a ...interface{})
- func CliYesNo(prompt string) bool
- func CmdHandler(cmd string) (err error)
- func CmdHelp(mod string)
- func CopyToClipboard(data []byte)
- func CreateVaccineArchive() (err error)
- func DeletePortFwdSession(cmd string)
- func DownloadFile(url, path string) (err error)
- func DownloadFromAgent(cmd string)
- func FSDoubleArgCmd(cmd string)
- func FSNoArgCmd(cmd string)
- func FSSingleArgCmd(cmd string)
- func FitPanes(output_pane_x int)
- func GenC2Certs(hosts []string) (err error)
- func GetDateTime() (datetime string)
- func GetFile(filepath string, a *emp3r0r_data.AgentSystemInfo) error
- func GetTargetDetails(target *emp3r0r_data.AgentSystemInfo)
- func GetTargetFromH2Conn(conn *h2conn.Conn) (target *emp3r0r_data.AgentSystemInfo)
- func GetTargetFromIndex(index int) (target *emp3r0r_data.AgentSystemInfo)
- func GetTargetFromTag(tag string) (target *emp3r0r_data.AgentSystemInfo)
- func InitConfig() (err error)
- func InitConfigFile(cc_host string) (err error)
- func InitModules()
- func IsAgentExist(t *emp3r0r_data.AgentSystemInfo) bool
- func IsAgentExistByTag(tag string) bool
- func IsCCRunning() bool
- func KCPListenAndServe()
- func ListModules()
- func ListPortFwds()
- func ListTargets()
- func LoadCACrt() error
- func MakeConfig() (err error)
- func ModuleDetails(modName string)
- func ModuleRun()
- func ModuleSearch(cmd string)
- func OpenFileManager()
- func OpenInNewTerminalWindow(name, cmd string) error
- func PackAgentBinary()
- func Packer(inputELF string) (err error)
- func PutFile(lpath, rpath string, a *emp3r0r_data.AgentSystemInfo) error
- func SSHClient(shell, args, port string, split bool) (err error)
- func SelectCurrentTarget() (target *emp3r0r_data.AgentSystemInfo)
- func Send2Agent(data *emp3r0r_data.MsgTunData, agent *emp3r0r_data.AgentSystemInfo) (err error)
- func SendCmd(cmd, cmd_id string, a *emp3r0r_data.AgentSystemInfo) error
- func SendCmdToCurrentTarget(cmd, cmd_id string) error
- func SetAgentLabel(a *emp3r0r_data.AgentSystemInfo) (label string)
- func SetDynamicPrompt()
- func SetOption(args []string)
- func ShadowsocksServer()
- func StatFile(filepath string, a *emp3r0r_data.AgentSystemInfo) (fi *util.FileStat, err error)
- func Suicide()
- func TLSServer()
- func TakeScreenshot()
- func TermClear()
- func TermSize() (width, height int, err error)
- func TmuxCurrentPane() (pane_id string)
- func TmuxCurrentWindow() (id string)
- func TmuxDeinitWindows()
- func TmuxDisplay(msg string) (res string)
- func TmuxInitWindows() (err error)
- func TmuxKillWindow(id string) (err error)
- func TmuxNewWindow(name, cmd string) error
- func TmuxSetOpt(index, opt string) (err error)
- func TmuxSetPaneTitle(title, pane_id string) error
- func TmuxSplit(hV, cmd string) error
- func TmuxSwitchWindow(window_id string) (res bool)
- func TmuxUpdatePane(pane *Emp3r0rPane)
- func TmuxUpdatePanes()
- func TmuxWindowSize() (x, y int)
- func UnlockDownloads() error
- func UpdateOptions(modName string) (exist bool)
- func UpgradeAgent()
- func UploadToAgent(cmd string)
- func VimEdit(filepath string) (err error)
- type APIResponse
- type Control
- type Emp3r0rPane
- func (pane *Emp3r0rPane) ClearPane() (err error)
- func (pane *Emp3r0rPane) KillPane() (err error)
- func (pane *Emp3r0rPane) PaneDetails() (is_alive bool, title string, tty string, pid int, cmd string, width int, ...)
- func (pane *Emp3r0rPane) Printf(clear bool, format string, a ...interface{})
- func (pane *Emp3r0rPane) ResizePane(direction string, lines int) (err error)
- func (pane *Emp3r0rPane) Respawn() (err error)
- type LabeledAgent
- type ModConfig
- type Option
- type PortFwdSession
- type StreamHandler
Constants ¶
const ( SocketName = "/tmp/emp3r0r.socket" // for stupid goconst LOG = "log" JSON = "JSON" CMD = "cmd" )
const ( // Temp where we save temp files Temp = "/tmp/emp3r0r/" // WWWRoot host static files for agent WWWRoot = Temp + "www/" // UtilsArchive host utils.tar.xz for agent UtilsArchive = WWWRoot + "utils.tar.xz" )
const ( PromptName = "emp3r0r" ClearTerm = "\033[2J" )
const AgentsJSON = "agents.json"
const HELP = "help" // fuck goconst
Variables ¶
var ( // DebugLevel what kind fof logs do we want to see // 3 (DEBUG) -> 2 (INFO) -> 1 (WARN) DebugLevel = 2 // IsAPIEnabled Indicate whether we are in headless mode IsAPIEnabled = false // Prefix /usr or /usr/local, can be set through $EMP3R0R_PREFIX Prefix = "" // EmpWorkSpace workspace directory of emp3r0r EmpWorkSpace = "" // EmpDataDir prefix/lib/emp3r0r EmpDataDir = "" // EmpBuildDir prefix/lib/emp3r0r/build EmpBuildDir = "" // FileGetDir where we save #get files FileGetDir = "" // EmpConfigFile emp3r0r.json EmpConfigFile = "" // Targets target list, with control (tun) interface Targets = make(map[*emp3r0r_data.AgentSystemInfo]*Control) TargetsMutex = sync.RWMutex{} // certs CACrtFile string CAKeyFile string ServerCrtFile string ServerKeyFile string )
var ( // CliCompleter holds all command completions CliCompleter = readline.NewPrefixCompleter() // CmdCompls completions for readline CmdCompls []readline.PrefixCompleterInterface // InitCmdCompls initial completions for readline, so we can roll back InitCmdCompls []readline.PrefixCompleterInterface // EmpReadLine : our commandline EmpReadLine *readline.Instance // EmpPrompt : the prompt string EmpPrompt = color.HiCyanString(PromptName + " > ") )
var ( // ModuleDir stores modules ModuleDirs []string // CurrentMod selected module CurrentMod = "<blank>" // CurrentTarget selected target CurrentTarget *emp3r0r_data.AgentSystemInfo // Options currently available options for `set` Options = make(map[string]*Option) // ShellHelpInfo provide utilities like ps, kill, etc // deprecated ShellHelpInfo = map[string]string{ HELP: "Display this help", "#ps": "List processes: `ps`", "#kill": "Kill process: `kill <PID>`", "#net": "Show network info", "put": "Put a file from CC to agent: `put <local file> <remote path>`", "get": "Get a file from agent: `get <remote file>`", } // ModuleHelpers a map of module helpers ModuleHelpers = map[string]func(){ emp3r0r_data.ModGenAgent: modGenAgent, emp3r0r_data.ModCMD_EXEC: moduleCmd, emp3r0r_data.ModSHELL: moduleShell, emp3r0r_data.ModPROXY: moduleProxy, emp3r0r_data.ModPORT_FWD: modulePortFwd, emp3r0r_data.ModLPE_SUGGEST: moduleLPE, emp3r0r_data.ModGET_ROOT: moduleGetRoot, emp3r0r_data.ModCLEAN_LOG: moduleLogCleaner, emp3r0r_data.ModPERSISTENCE: modulePersistence, emp3r0r_data.ModVACCINE: moduleVaccine, emp3r0r_data.ModINJECTOR: moduleInjector, emp3r0r_data.ModBring2CC: moduleBring2CC, emp3r0r_data.ModGDB: moduleGDB, emp3r0r_data.ModStager: modStager, emp3r0r_data.ModSSHHarvester: module_ssh_harvester, } )
var ( EmpTLSServer *http.Server EmpTLSServerCtx context.Context EmpTLSServerCancel context.CancelFunc )
var ( // RShellStream reverse shell handler RShellStream = &StreamHandler{H2x: nil, BufSize: emp3r0r_data.RShellBufSize, Buf: make(chan []byte)} // ProxyStream proxy handler ProxyStream = &StreamHandler{H2x: nil, BufSize: emp3r0r_data.ProxyBufSize, Buf: make(chan []byte)} // FTPStreams file transfer handlers FTPStreams = make(map[string]*StreamHandler) // FTPMutex lock FTPMutex = &sync.Mutex{} // RShellStreams rshell handlers RShellStreams = make(map[string]*StreamHandler) // RShellMutex lock RShellMutex = &sync.Mutex{} // PortFwds port mappings/forwardings: { sessionID:StreamHandler } PortFwds = make(map[string]*PortFwdSession) // PortFwdsMutex lock PortFwdsMutex = &sync.Mutex{} )
var ( // TermWidth TermWidth int // TermHeight TermHeight int // home tmux window HomeWindow string // Console titled "Command" CommandPane *Emp3r0rPane // Displays system info of selected agent AgentInfoPane *Emp3r0rPane // Displays agent output, separated from logs AgentOutputPane *Emp3r0rPane // Displays agent list AgentListPane *Emp3r0rPane // Displays bash shell for selected agent AgentShellPane *Emp3r0rPane // SFTP shell for selected agent AgentSFTPPane *Emp3r0rPane // Put all windows in this map TmuxPanes = make(map[string]*Emp3r0rPane) // CAT use this cat to replace /bin/cat CAT = "emp3r0r-cat" )
var APIConn net.Conn
var Arch_List = []string{
"386",
"amd64",
"arm",
"arm64",
"mips",
"mips64",
"riscv64",
}
var Arch_List_All = []string{
"386",
"amd64",
"arm",
"arm64",
"mips",
"mips64",
"riscv64",
}
var Arch_List_Windows = []string{
"386",
"amd64",
}
var CmdFuncs = map[string]func(){ "ls_targets": ls_targets, "ls_modules": ListModules, "ls_port_fwds": ListPortFwds, "info": CliListOptions, "run": ModuleRun, "screenshot": TakeScreenshot, "file_manager": OpenFileManager, "upgrade_agent": UpgradeAgent, "suicide": Suicide, }
CmdFuncs holds a map of helper functions
var CmdFuncsWithArgs = map[string]func(string){ "ls": FSNoArgCmd, "pwd": FSNoArgCmd, "cd": FSSingleArgCmd, "mv": FSDoubleArgCmd, "cp": FSDoubleArgCmd, "rm": FSSingleArgCmd, "mkdir": FSSingleArgCmd, "put": UploadToAgent, "get": DownloadFromAgent, "ps": FSNoArgCmd, "kill": FSSingleArgCmd, "delete_port_fwd": DeletePortFwdSession, "debug": setDebugLevel, "search": ModuleSearch, "set": setOptVal, "label": setTargetLabel, "target": setCurrentTarget, }
CmdFuncsWithArgs commands that accept a single string parameter
var CmdResults = make(map[string]string)
CmdResults receive response from agent and cache them
var CmdResultsMutex = &sync.Mutex{}
mutex
var CmdTime = make(map[string]string)
CmdTime Record the time spent on each command
var CmdTimeMutex = &sync.Mutex{}
var CommandHelp = map[string]string{
HELP: "Print this help, 'help <module>' gives help for a module",
"target": "Set target. eg. `target <index>`",
"file_manager": "Browse remote files in your local file manager with SFTP protocol",
"set": "Set an option. eg. `set <option> <val>`",
"use": "Use a module. eg. `use <module_name>`",
"run": "Run selected module, make sure you have set required options",
"info": "What options do we have?",
"upgrade_agent": "Upgrade agent on selected target",
"ls": "List current directory of selected agent",
"mv": "Move a file to another location on selected target",
"cp": "Copy a file to another location on selected target",
"cd": "Change current working directory of selected agent",
"rm": "Delete a file/directory on selected agent",
"mkdir": "Create new directory on selected agent",
"pwd": "Current working directory of selected agent",
"ps": "Process list of selected agent",
"kill": "Terminate a process on selected agent: eg. `kill <pid>`",
"get": "Download a file from selected agent",
"put": "Upload a file to selected agent",
"screenshot": "Take a screenshot of selected agent",
"suicide": "Kill agent process, delete agent root directory",
"ls_targets": "List all targets",
"ls_modules": "List all modules",
"search": "Search modules",
"ls_port_fwds": "List all port mappings",
"debug": "Set debug level: -1 (least verbose) to 1 (most verbose)",
"delete_port_fwd": "Delete a port mapping",
"exit": "Exit",
}
CommandHelp holds all commands and their help string, command: help
var LPEHelperURLs = map[string]string{
"lpe_les": "https://raw.githubusercontent.com/mzet-/linux-exploit-suggester/master/linux-exploit-suggester.sh",
"lpe_lse": "https://raw.githubusercontent.com/diego-treitos/linux-smart-enumeration/master/lse.sh",
"lpe_linpeas": "https://github.com/carlospolop/PEASS-ng/releases/latest/download/linpeas.sh",
"lpe_winpeas.ps1": "https://raw.githubusercontent.com/carlospolop/PEASS-ng/master/winPEAS/winPEASps1/winPEAS.ps1",
"lpe_winpeas.bat": "https://github.com/carlospolop/PEASS-ng/releases/latest/download/winPEAS.bat",
"lpe_winpeas.exe": "https://github.com/carlospolop/PEASS-ng/releases/latest/download/winPEASany_ofs.exe",
}
LPEHelperURLs scripts that help you get root
var LsDir []string
LsDir cache items in current directory
var ModuleConfigs = make(map[string]ModConfig, 1)
stores module configs
var ModuleNames = []string{}
stores module names
var RShellStatus = make(map[string]error)
RShellStatus stores errors from reverseBash
var RuntimeConfig = &emp3r0r_data.Config{}
var SSHShellPort = make(map[string]string)
shell - port mapping one port for one shell
var Stagers = []string{
"linux/bash",
"java",
"php",
"python",
"python3",
"perl",
"windows/powershell",
"windows/c#",
}
Functions ¶
func APIListen ¶
func APIListen()
listen on a unix socket users can send commands to this socket as if they were using a console
func AdaptiveTable ¶
func AdaptiveTable(tableString string)
automatically resize CommandPane according to table width
func CliFatalError ¶
func CliFatalError(format string, a ...interface{})
CliFatalError print log in red, and exit
func CliListOptions ¶
func CliListOptions()
CliListOptions list currently available options for `set`
func CliMsg ¶
func CliMsg(format string, a ...interface{})
CliMsg print log in bold cyan, regardless of debug level
func CliPrettyPrint ¶
CliPrettyPrint prints two-column help info
func CliPrint ¶
func CliPrint(format string, a ...interface{})
CliPrint print in bold cyan without logging prefix, regardless of debug level
func CliPrintDebug ¶
func CliPrintDebug(format string, a ...interface{})
CliPrintDebug print log in blue
func CliPrintError ¶
func CliPrintError(format string, a ...interface{})
CliPrintError print log in red
func CliPrintInfo ¶
func CliPrintInfo(format string, a ...interface{})
CliPrintInfo print log in hiblue
func CliPrintSuccess ¶
func CliPrintSuccess(format string, a ...interface{})
CliPrintSuccess print log in green
func CliPrintWarning ¶
func CliPrintWarning(format string, a ...interface{})
CliPrintWarning print log in hiyellow
func CopyToClipboard ¶
func CopyToClipboard(data []byte)
CopyToClipboard copy data to clipboard using xsel -b
func CreateVaccineArchive ¶
func CreateVaccineArchive() (err error)
func DeletePortFwdSession ¶
func DeletePortFwdSession(cmd string)
DeletePortFwdSession delete a port mapping session by ID
func DownloadFile ¶
DownloadFile download file using default http client
func DownloadFromAgent ¶
func DownloadFromAgent(cmd string)
func FSDoubleArgCmd ¶
func FSDoubleArgCmd(cmd string)
func FSNoArgCmd ¶
func FSNoArgCmd(cmd string)
func FSSingleArgCmd ¶
func FSSingleArgCmd(cmd string)
func FitPanes ¶
func FitPanes(output_pane_x int)
FitPanes adjust width of panes to fit them in the terminal window triggered by agent output
func GenC2Certs ¶
GenC2Certs generate certificates for CA and emp3r0r C2 server
func GetDateTime ¶
func GetDateTime() (datetime string)
GetDateTime get current date and time, for logging
func GetFile ¶
func GetFile(filepath string, a *emp3r0r_data.AgentSystemInfo) error
GetFile get file from agent
func GetTargetDetails ¶
func GetTargetDetails(target *emp3r0r_data.AgentSystemInfo)
func GetTargetFromH2Conn ¶
func GetTargetFromH2Conn(conn *h2conn.Conn) (target *emp3r0r_data.AgentSystemInfo)
GetTargetFromH2Conn find target from Targets via HTTP2 connection ID, return nil if not found
func GetTargetFromIndex ¶
func GetTargetFromIndex(index int) (target *emp3r0r_data.AgentSystemInfo)
GetTargetFromIndex find target from Targets via control index, return nil if not found
func GetTargetFromTag ¶
func GetTargetFromTag(tag string) (target *emp3r0r_data.AgentSystemInfo)
GetTargetFromTag find target from Targets via tag, return nil if not found
func InitConfigFile ¶
func InitModules ¶
func InitModules()
scan custom modules in ModuleDir, and update ModuleHelpers, ModuleDocs
func IsAgentExist ¶
func IsAgentExist(t *emp3r0r_data.AgentSystemInfo) bool
IsAgentExist is agent already in target list?
func IsAgentExistByTag ¶
IsAgentExistByTag is agent already in target list?
func MakeConfig ¶
func MakeConfig() (err error)
func OpenFileManager ¶
func OpenFileManager()
func OpenInNewTerminalWindow ¶
OpenInNewTerminalWindow run a command in new terminal emulator window
func Packer ¶
Packer compress and encrypt ELF, append it to packer_stub.exe encryption key is generated from MagicString
func PutFile ¶
func PutFile(lpath, rpath string, a *emp3r0r_data.AgentSystemInfo) error
PutFile put file to agent
func SSHClient ¶
SSHClient ssh to sshd server, with shell access in a new tmux window shell: the executable to run, eg. bash, python port: serve this shell on agent side 127.0.0.1:port
func SelectCurrentTarget ¶
func SelectCurrentTarget() (target *emp3r0r_data.AgentSystemInfo)
SelectCurrentTarget check if current target is set and alive
func Send2Agent ¶
func Send2Agent(data *emp3r0r_data.MsgTunData, agent *emp3r0r_data.AgentSystemInfo) (err error)
Send2Agent send MsgTunData to agent
func SendCmd ¶
func SendCmd(cmd, cmd_id string, a *emp3r0r_data.AgentSystemInfo) error
SendCmd send command to agent
func SendCmdToCurrentTarget ¶
SendCmdToCurrentTarget send a command to currently selected agent
func SetAgentLabel ¶
func SetAgentLabel(a *emp3r0r_data.AgentSystemInfo) (label string)
SetAgentLabel if an agent is already labeled, we can set its label in later sessions
func SetDynamicPrompt ¶
func SetDynamicPrompt()
SetDynamicPrompt set prompt with module and target info
func ShadowsocksServer ¶
func ShadowsocksServer()
Start Shadowsocks proxy server with a random password (RuntimeConfig.ShadowsocksPassword), listening on RuntimeConfig.ShadowsocksPort You can use the offical Shadowsocks program to start the same Shadowsocks server on any host that you find convenient
func StatFile ¶
func StatFile(filepath string, a *emp3r0r_data.AgentSystemInfo) (fi *util.FileStat, err error)
StatFile Get stat info of a file on agent
func TakeScreenshot ¶
func TakeScreenshot()
TakeScreenshot take a screenshot of selected target, and download it open the picture if possible
func TmuxCurrentPane ¶
func TmuxCurrentPane() (pane_id string)
returns the index of current pane returns -1 when error occurs
func TmuxCurrentWindow ¶
func TmuxCurrentWindow() (id string)
All panes live in this tmux window, returns the unique ID of the window returns "" when error occurs
func TmuxDeinitWindows ¶
func TmuxDeinitWindows()
TmuxDeinitWindows close previously opened tmux windows
func TmuxDisplay ¶
func TmuxInitWindows ¶
func TmuxInitWindows() (err error)
TmuxInitWindows split current terminal into several windows/panes - command output window - current agent info
func TmuxKillWindow ¶
func TmuxNewWindow ¶
TmuxNewWindow split tmux window, and run command in the new pane
func TmuxSetOpt ¶
Set tmux option of current tmux window
func TmuxSetPaneTitle ¶
func TmuxSwitchWindow ¶
func TmuxUpdatePanes ¶
func TmuxUpdatePanes()
func TmuxWindowSize ¶
func TmuxWindowSize() (x, y int)
TmuxWindowSize size in chars, of the current tmux window/tab
func UnlockDownloads ¶
func UnlockDownloads() error
UnlockDownloads if there are incomplete file downloads that are "locked", unlock them unless CC is actually running/downloading
func UpdateOptions ¶
UpdateOptions add new options according to current module
func UpgradeAgent ¶
func UpgradeAgent()
func UploadToAgent ¶
func UploadToAgent(cmd string)
Types ¶
type APIResponse ¶
type APIResponse struct { Cmd string // user cmd MsgType string // log/json/cmd, tells frontend where to put it MsgData []byte // data payload, can be a JSON string or ordinary string Alert bool // whether to alert the frontend user }
APIResponse what the frontend sees, in JSON
type Control ¶
type Control struct { Index int // index of a connected agent Label string // custom label for an agent Conn *h2conn.Conn // h2 connection of an agent Ctx context.Context Cancel context.CancelFunc }
Control controller interface of a target
type Emp3r0rPane ¶
type Emp3r0rPane struct { Alive bool // indicates that pane is not dead ID string // tmux pane unique ID WindowID string // tmux window unique ID, indicates the window that the pane lives in Title string // title of pane Name string // intial title of pane, doesn't change even if pane is dead TTY string // eg. /dev/pts/1, write to this file to get your message displayed on this pane PID int // PID of the process running in tmux pane Cmd string // cmdline of the process Width int // width of pane, number of chars Height int // height of pane, number of chars }
Emp3r0rPane a tmux window/pane that makes emp3r0r CC's interface
func TmuxNewPane ¶
func TmuxNewPane(title, hV string, target_pane_id string, size int, cmd string) (pane *Emp3r0rPane, err error)
TmuxNewPane split tmux window, and run command in the new pane hV: horizontal or vertical split target_pane: target_pane tmux index, split this pane size: percentage, do not append %
func (*Emp3r0rPane) ClearPane ¶
func (pane *Emp3r0rPane) ClearPane() (err error)
func (*Emp3r0rPane) KillPane ¶
func (pane *Emp3r0rPane) KillPane() (err error)
func (*Emp3r0rPane) PaneDetails ¶
func (pane *Emp3r0rPane) PaneDetails() ( is_alive bool, title string, tty string, pid int, cmd string, width int, height int)
PaneDetails Get details of a tmux pane
func (*Emp3r0rPane) Printf ¶
func (pane *Emp3r0rPane) Printf(clear bool, format string, a ...interface{})
Printf like printf, but prints to a tmux pane/window id: pane unique id
func (*Emp3r0rPane) ResizePane ¶
func (pane *Emp3r0rPane) ResizePane(direction string, lines int) (err error)
ResizePane resize pane in x/y to number of lines
func (*Emp3r0rPane) Respawn ¶
func (pane *Emp3r0rPane) Respawn() (err error)
type LabeledAgent ¶
type ModConfig ¶
type ModConfig struct { Name string `json:"name"` // Display as this name Exec string `json:"exec"` // Run this executable file Platform string `json:"platform"` // targeting which OS? Linux/Windows IsInteractive bool `json:"interactive"` // whether run as a shell or not, eg. python, bettercap Author string `json:"author"` // by whom Date string `json:"date"` // when did you write it Comment string `json:"comment"` // describe your module in one line Path string `json:"path"` // where is this module stored? eg. ~/.emp3r0r/modules // option: [value, help] // eg. // "option you see in emp3r0r console": ["a parameter of your module", "describe how to use this parameter"] Options map[string][]string `json:"options"` }
ModConfig config.json of a module Example
{ "name": "LES", "exec": "les.sh", "platform": "Linux", "interactive": false, "author": "jm33-ng", "date": "2022-01-12", "comment": "https://github.com/mzet-/linux-exploit-suggester", "options": { "args": ["--checksec", "run les.sh with this commandline arg"] } }
type Option ¶
type Option struct { Name string // like `module`, `target`, `cmd_to_exec` Val string // the value to use Vals []string // possible values }
Option all necessary info of an option
type PortFwdSession ¶
type PortFwdSession struct { Protocol string // TCP or UDP Lport string // listen_port To string // to address Description string // fmt.Sprintf("%s (Local) -> %s (Agent)", listenPort, to_addr) Reverse bool // from agent to cc or cc to agent Listener *net.UDPConn // if mapping is UDP, we need its listener Timeout int // timeout in seconds Agent *emp3r0r_data.AgentSystemInfo // agent who holds this port mapping session Sh map[string]*StreamHandler // related to HTTP handler Ctx context.Context // PortFwd context Cancel context.CancelFunc // PortFwd cancel }
PortFwdSession holds controller interface of a port-fwd session
func (*PortFwdSession) InitReversedPortFwd ¶
func (pf *PortFwdSession) InitReversedPortFwd() (err error)
InitReversedPortFwd send portfwd command to agent and set up a reverse port mapping
func (*PortFwdSession) RunPortFwd ¶
func (pf *PortFwdSession) RunPortFwd() (err error)
RunPortFwd forward from ccPort to dstPort on agent, via h2conn as if the dstPort is listening on CC machine
func (*PortFwdSession) RunReversedPortFwd ¶
func (pf *PortFwdSession) RunReversedPortFwd(sh *StreamHandler) (err error)
RunReversedPortFwd expose service on CC side to agent, via h2conn as if the service is listening on agent machine
type StreamHandler ¶
type StreamHandler struct { H2x *emp3r0r_data.H2Conn // h2conn with context Buf chan []byte // buffer for receiving data Token string // token string, for agent auth BufSize int // buffer size for reverse shell should be 1 }
StreamHandler allow the http handler to use H2Conn
Source Files ¶
- agentHandler.go
- api_server.go
- bash_stager.go
- buildAgent.go
- cc.go
- cli.go
- cmd.go
- config.go
- filemgr.go
- ftp.go
- kcp.go
- mod.go
- modGenAgent.go
- modRproxy.go
- mod_gdb.go
- modcustom.go
- modgetroot.go
- modinjector.go
- modmisc.go
- modportfwd.go
- modshell.go
- modssh_harvester.go
- modstage.go
- modvaccine.go
- packer.go
- proxy.go
- python_stager.go
- screenshot.go
- server.go
- sftp.go
- ssh.go
- suicide.go
- tmux.go
- util.go