Documentation
¶
Index ¶
- Constants
- Variables
- func GetRealAddr(r *http.Request) net.IP
- func InnerSubstring(str string, prefix string, suffix string) string
- type LandingType
- type Trace
- type Tracker
- func (module *Tracker) Author() string
- func (module *Tracker) Description() string
- func (module *Tracker) ExportSession(id string)
- func (module *Tracker) GetVictim(t *Trace) (v *db.Victim, err error)
- func (module *Tracker) IsEnabled() bool
- func (module *Tracker) Name() string
- func (module *Tracker) Prompt()
- func (module *Tracker) PushCookie(victim *db.Victim, cookie db.VictimCookie)
- func (module *Tracker) PushVictim(v *db.Victim)
- func (module *Tracker) ShowCredentials()
- func (module *Tracker) ShowVictims()
- func (module *Tracker) TrackRequest(request *http.Request) (t *Trace)
- func (module *Tracker) TrackResponse(response *http.Response) (t *Trace)
Constants ¶
const ( // Name of this module Name = "tracker" // Description of this module Description = "Uniquely track clients via unique identifiers, while harvesting for web credentials and sessions" // Author of this module Author = "Muraena Team" )
Variables ¶
var DisabledExtensions = strings.Split(strings.ToLower(blockExtension), ",")
var DisabledMedia = strings.Split(strings.ToLower(blockMedia), ",")
Functions ¶
func GetRealAddr ¶ added in v1.21.1
GetRealAddr returns the IP address from an http.Request
Types ¶
type LandingType ¶ added in v1.21.1
type LandingType int
const ( LandingPath LandingType = iota LandingQuery )
type Trace ¶
Trace object structure
func (*Trace) ExtractCredentials ¶
ExtractCredentials extracts credentials from a request body and stores within a VictimCredentials object
func (*Trace) ExtractCredentialsFromResponseHeaders ¶ added in v1.21.1
func (t *Trace) ExtractCredentialsFromResponseHeaders(response *http.Response) (found bool, err error)
ExtractCredentialsFromResponseHeaders extracts tracking credentials from response headers. It returns true if credentials are found, false otherwise.
func (*Trace) HijackSession ¶
HijackSession If the request URL matches those defined in authSession in the config, then pass the cookies in the CookieJar to necrobrowser to hijack the session
type Tracker ¶
type Tracker struct {
session.SessionModule
Enabled bool
Type LandingType
Identifier string
Header string
LandingHeader string
ValidatorRegex *regexp.Regexp
TrackerLength int
}
Tracker module
func (*Tracker) Description ¶
Description returns the module description
func (*Tracker) ExportSession ¶ added in v1.21.1
ExportSession prints the list of victims
func (*Tracker) Prompt ¶ added in v0.1.2
func (module *Tracker) Prompt()
Prompt prints module status based on the provided parameters
func (*Tracker) PushCookie ¶ added in v1.21.1
func (module *Tracker) PushCookie(victim *db.Victim, cookie db.VictimCookie)
PushCookie stores a Cookie in the database. If the cookie exists, it will be overridden
func (*Tracker) PushVictim ¶ added in v1.21.1
PushVictim stores a Victim in the database
func (*Tracker) ShowCredentials ¶
func (module *Tracker) ShowCredentials()
ShowCredentials prints the credentials in the CLI
func (*Tracker) ShowVictims ¶
func (module *Tracker) ShowVictims()
ShowVictims prints the list of victims
func (*Tracker) TrackRequest ¶
TrackRequest tracks an HTTP RequestTemplate
Source Files