Documentation
Index
- Constants
- func AES256GCMDecrypt(data, key []byte) ([]byte, error)
- func AES256GCMEncrypt(data []byte) ([]byte, []byte, error)
- func ExecuteRandomCommand(commands [][]string) (string, error)
- func Exists(path string) bool
- func Find(ext string) []string
- func FindByType(ext string, paths ...string) []string
- func GetOS() string
- func IsAccessible(path string) bool
- func IsAvailable(programs ...string) bool
- func Pwd(filename ...string) string
- func Quarantined(filename string, contents []byte) bool
- func Read(filename string) []byte
- func Remove(path string) bool
- func RemoveAll(path string) bool
- func Run(args []string) (*os.Process, error)
- func Say(print string)
- func Sayf(print string, args ...any)
- func Shell(args []string) (string, error)
- func Start(test func(), clean ...func())
- func Stop(code int)
- func Unzip(zipData []byte, path ...string) error
- func Wait(dur ...time.Duration)
- func Write(filename string, contents []byte) bool
- func XorDecrypt(data []byte, key []byte) []byte
- func XorEncrypt(data []byte) ([]byte, []byte, error)
- type Config
Constants
const (
	// Errors
	UnexpectedTestError      int = 1
	MalformedTestError       int = 2
	TimeoutExceeded          int = 102
	CleanupFailed            int = 103
	OutOfMemory              int = 137
	UnexpectedExecutionError int = 256

	// Not Relevant
	NotRelevant   int = 104
	NotRelevantOS int = 108

	// Protected
	TestForceKilled             int = 9
	TestGracefullyKilled        int = 15
	TestCompletedNormally       int = 100
	FileQuarantinedOnExtraction int = 105
	NetworkConnectionBlocked    int = 106
	HostNotVulnerabile          int = 107
	ExecutionPrevented          int = 126
	FileQuarantinedOnExecution  int = 127

	// Unprotected
	Unprotected            int = 101
	TestIncorrectlyBlocked int = 110
)
Return codes as defined by: https://docs.preludesecurity.com/docs/understanding-results
Variables
This section is empty.
Functions
func AES256GCMDecrypt
AES256GCMDecrypt will use AES256GCM to decrypt data with the provided key.
func AES256GCMEncrypt
AES256GCMEncrypt will use AES256GCM to encrypt data with a randomly generated key. It returns the encrypted data with the key.
func ExecuteRandomCommand
ExecuteRandomCommand will choose a random command from the provided list and execute it with Shell().
func Exists
Exists checks if a file exists AND can be accessed. If this function returns false, the file might still exist, but the current user does not have the required privileges to access it. Check the log for more details.
func FindByType
FindByType will walk the provided paths looking for files that have the provided file extension. If no paths are provided, it defaults to the user's home directory.
func IsAccessible
IsAccessible will return whether or not the provided path can be opened.
func IsAvailable
IsAvailable will look for a list of tools and check whether any are in the system's PATH. It returns true upon the first tool found, false if none are found.
func Pwd
Pwd will return the directory where the test is located on disk. It is important to note that this may not be the directory from which the test is running.
func Quarantined
Quarantined will write the provided bytes to the provided filename in the same directory as the test executable. It then waits and checks to see if the file exists. If the file is not found or is inaccessible, it is assumed to have been quarantined. The default directory is Pwd(), but can be overridden by configuring Cfg in advance. The default wait time is 3 seconds, but can be overridden by configuring Cfg in advance.
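The write, wait, then re-open check described above, as an added standalone sketch using only the Go standard library; it is not this package's source. The names quarantineCheck and accessible are hypothetical, the sample bytes are constructed, and treating a failed write as a test error is an assumption of the sketch.

```go
package main

import (
	"fmt"
	"os"
	"path/filepath"
	"time"
)

// Result codes copied from the Constants section of this page.
const (
	UnexpectedTestError         = 1
	Unprotected                 = 101
	FileQuarantinedOnExtraction = 105
)

// accessible reports whether path can still be opened by the current user.
func accessible(path string) bool {
	f, err := os.Open(path)
	if err != nil {
		return false
	}
	f.Close()
	return true
}

// quarantineCheck (hypothetical name) writes contents to dir/name, waits,
// then maps the outcome to a result code. A missing or unreadable file after
// the wait is taken to mean an endpoint control removed or locked it.
func quarantineCheck(dir, name string, contents []byte, wait time.Duration) int {
	path := filepath.Join(dir, name)
	if err := os.WriteFile(path, contents, 0o600); err != nil {
		// Assumption of this sketch: a failed write is a test error.
		return UnexpectedTestError
	}
	defer os.Remove(path) // clean up if the file survived the wait
	time.Sleep(wait)
	if !accessible(path) {
		return FileQuarantinedOnExtraction
	}
	return Unprotected
}

func main() {
	// Constructed, harmless sample bytes; 3 seconds is the page's default wait.
	code := quarantineCheck(os.TempDir(), "sample.bin", []byte("constructed sample"), 3*time.Second)
	fmt.Println("result code:", code)
}
```

A file that is merely locked for scanning at the moment of the check is indistinguishable from a removed one here, so a wait that is too short can report 105 for a file that is later released.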
func Read
Read will read a file and return the contents. An empty slice means failed read. By default the filename is assumed to be in Pwd(). You can override this behavior by configuring Cfg in advance.
func Remove
Remove will attempt to remove a file and returns true upon success. See the log for any errors.
func RemoveAll
RemoveAll will attempt to remove a directory and returns true upon success. See the log for any errors.
func Run
Run will attempt to run the provided command and args as a new process. It returns the new process handle and any error that occurs. The caller should decide whether to call Kill() or Wait() on the returned process handle.
func Say
func Say(print string)
Say will print a message prepended with a timestamp and the file/test name.
func Shell
Shell will attempt to run the provided command and args as a new process. It returns the STDOUT or an error containing the STDERR.
func Start
func Start(test func(), clean ...func())
Start takes a test function and runs it in the background. By default it waits 30 seconds before timeout. The cleanup function is run when Stop() is called. The default cleanup does nothing. A custom clean function can be optionally provided. The timeout can be overridden by configuring Cfg in advance.
func Stop
func Stop(code int)
Stop will call the associated cleanup function (provided when Start() was called) and then exit with the provided code.
func Unzip
Unzip will extract files from the provided zip data. If no path is provided, it will default to Pwd().
func Wait
Wait will sleep for the specified duration. If duration is <= 0, it will default to 3 seconds.
func Write
Write will write the provided contents to the provided file path and return any errors. By default the filename is assumed to be in Pwd(). You can override this behavior by configuring Cfg in advance.
func XorDecrypt
XorDecrypt will use xor to decrypt data with the provided key.
Types
type Config
type Config struct {
// contains filtered or unexported fields
}
Config is a simple struct that contains common arguments for other functions in this package.
Cfg can be used to configure some default options on a per function basis.
func (*Config) Directory
Directory will adjust the directory for the Config instance, then return itself so it can be chained inline. This is currently useful for Quarantined(), Read(), Unzip(), and Write(), to change the directory where the payload is written. The default directory is dependent on the function, but is typically Pwd().