Documentation
Index
- func Accesschk(filepath string) (bool, string)
- func Download(target string) (bool, string)
- func Exec(commands string) (bool, string)
- func InjectEmpire(payload string) (bool, string)
- func List(commands string) (bool, string)
- func Migrate(jsonMigrate string) (bool, string)
- func Read(commands string) (bool, string)
- func RevSshShell(jsonparams string) (bool, string)
- func RevSshSocks5(jsonparams string) (bool, string)
- func Sysinfo() (bool, string)
- func Upload(target string, blob string) (bool, string)
- func Wipe(commands string) (bool, string)
- func Write(commands string) (bool, string)
- type InjectRevSshShellBichito
- type SysInfo
Constants
This section is empty.
Variables
This section is empty.
Functions
func Accesschk
Description: AccessCheck --> Linux and Darwin
Flow:
A. Use native golang libraries and syscalls to get key operating system data
func Download
Description: Download File from Foothold --> Linux and Darwin
Flow:
A. Read the target PATH file and return its content as a string
func Exec
Description: Exec --> Linux and Darwin
Flow:
A. Spawn a sh process and interpret the provided string
func InjectEmpire
Description: Inject Empire --> Windows
Flow:
A. Send the Empire one-liner string to the python interpreter
func List
Description: List Files --> Linux, Darwin and Windows
Flow:
A. Use the golang native ioutil library to list the files in the target PATH folder
func Migrate
Description: Migrate: Remote thread injection --> Windows. Injects donut-generated binary shellcode into the memory of another process and creates a new thread.
Flow:
A. Select the x64/x32 version of the "migrate_remote_thread_windows" package
B. Decode the JSON object, which includes the shellcode and PID
C. Prepare C pointers and call the Migrate C++ wrapper
D. C++:
d1. OpenProcess
d2. VirtualAllocEx
d3. WriteProcessMemory
d4. CreateRemoteThread
E. C++ returns error/success. The error will be the first Windows API error (such as being unable to access the target PID)
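On the defensive side, the d1 to d4 call order above is the pattern behavioural detection correlates. The following is an added example, not code from this package: it assumes a hypothetical API-call telemetry schema (`APIEvent`) and flags any process that completes the full chain against another process within a time window. The sample events are constructed.

```go
package main

import (
	"fmt"
	"time"
)

// APIEvent is one API-call telemetry record (hypothetical schema, e.g. from an EDR sensor).
type APIEvent struct {
	At          time.Time
	Src, Target int // calling PID and the PID the call operates on
	API         string
}

// chain is the call order listed in steps d1 to d4 of the Migrate flow.
var chain = []string{"OpenProcess", "VirtualAllocEx", "WriteProcessMemory", "CreateRemoteThread"}
type progress struct{ next int; start time.Time } // state of one (source, target) pair

// DetectRemoteThreadInjection returns "src->target" per pair that completes chain in order within window.
func DetectRemoteThreadInjection(events []APIEvent, window time.Duration) []string {
	seen, alerts := map[[2]int]*progress{}, []string{}
	for _, e := range events { // events must be sorted by time
		k := [2]int{e.Src, e.Target}
		p := seen[k]
		fresh := p != nil && e.At.Sub(p.start) <= window // a stale partial chain is ignored
		if !fresh && e.API == chain[0] && e.Src != e.Target {
			seen[k] = &progress{next: 1, start: e.At}
		} else if fresh && e.API == chain[p.next] {
			if p.next++; p.next == len(chain) {
				alerts = append(alerts, fmt.Sprintf("%d->%d", e.Src, e.Target))
				delete(seen, k)
			}
		}
	}
	return alerts
}

// SampleEvents is constructed telemetry: PID 4120 runs the full chain against 688, PID 900 does not.
func SampleEvents() []APIEvent {
	at := func(ms int) time.Time { return time.Unix(1700000000, 0).Add(time.Duration(ms) * time.Millisecond) }
	return []APIEvent{
		{at(0), 4120, 688, "OpenProcess"}, {at(5), 4120, 688, "VirtualAllocEx"},
		{at(7), 900, 688, "OpenProcess"}, // unrelated process that only opens a handle
		{at(9), 4120, 688, "WriteProcessMemory"}, {at(12), 4120, 688, "CreateRemoteThread"},
		{at(20), 900, 688, "CreateRemoteThread"}, // no allocation or write before it
	}
}

func main() { fmt.Println(DetectRemoteThreadInjection(SampleEvents(), 2*time.Second)) }
```

Requiring the whole ordered chain per source/target pair keeps a lone `OpenProcess` or an isolated `CreateRemoteThread` from alerting on its own.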
func Read
Description: Read Files --> Linux, Darwin and Windows
Flow:
A. Use the golang native ioutil library to read the target PATH file and return its content as a string
func RevSshShell
Description: Inject Reverse Shell --> Linux, Darwin
Flow:
A. Use the golang native ssh library to spawn an ssh client that connects to a target staging
A1. Use the provided credentials (username and pem key) for the ssh connection
B. This connection creates a listener on local port 2222 of the target staging
C. Spawn a sh process within the foothold and pipe stdout/stdin (tty) through this last opened socket
func RevSshSocks5
Description: Inject Reverse Socks5
Flow:
A. Use the golang native ssh library to spawn an ssh client that connects to a target staging
A1. Use the provided credentials (username and pem key) for the ssh connection
B. This connection creates a listener on local port 2222 of the target staging
C. Open a SOCKS5 socket in bichito; any connection received remotely (on the remote SSH listen socket) is then TCP redirected to SOCKS5
func Sysinfo
Description: Sysinfo --> Linux. Retrieve key operating system information from the foothold.
Flow:
A. Use Go native libraries and Linux syscalls to retrieve key foothold information
func Upload
Description: Upload File to Foothold --> Linux, Darwin, Windows.
Flow:
A. Write the parameter string into a file on the target PATH
Types
type InjectRevSshShellBichito
type InjectRevSshShellBichito struct {
    Domain string `json:"domain"`
    Sshkey string `json:"sshkey"`
    Port   string `json:"port"`
    User   string `json:"user"`
}
This JSON object definition is needed in some implant modules to decode parameters. Hive will have the same definitions in: ./src/hive/hiveJobs.go
type SysInfo
type SysInfo struct {
    Pid        string `json:"pid"`
    Arch       string `json:"arch"`
    Os         string `json:"os"`
    OsV        string `json:"osv"`
    Hostname   string `json:"hostname"`
    Mac        string `json:"mac"`
    User       string `json:"user"`
    Privileges string `json:"privileges"`
}
This JSON object definition is needed in some implant modules to decode parameters. Hive will have the same definitions in: ./src/hive/hiveJobs.go