config

package

v1.29.0 Latest Latest Go to latest Published: Oct 7, 2024 License: Apache-2.0 Imports: 5 Imported by: 10

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/vulncheck-oss/go-exploit

Links

Open Source Insights

Documentation ¶

Index ¶

type Config
type ExploitType
- func (eType ExploitType) String() string
type ImplementedFeatures
type RhostTriplet
type SSLSupport

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type Config ¶

type Config struct {

	// implemented features describes which three stages the exploit implements
	Impl ImplementedFeatures
	// the vendor of the targeted product
	Vendor string
	// the targeted products
	Products []string
	// A combination of the Vendor and Products strings
	Product string
	// the CPE for the targeted product
	CPE []string
	// the CVE being tested
	CVE string
	// the protocol being targeted
	Protocol string
	// the type of exploit being executed
	ExType ExploitType
	// the c2 supported by the exploit
	SupportedC2 []c2.Impl

	StringFlagsMap map[string]*string
	IntFlagsMap    map[string]*int
	UintFlagsMap   map[string]*uint
	BoolFlagsMap   map[string]*bool

	// target host, the target address/name the exploit will work on
	Rhost string
	// target port, the target port the exploit will work on
	Rport int
	// a list of specific targets
	RhostsNTuple []RhostTriplet
	// local host for remote exploits
	Lhost string
	// local port
	Lport int
	// bind port
	Bport int
	// indicates if the framework should autodetect ssl/plain
	DetermineSSL bool
	// indicates if ssl is used in comms
	SSL bool
	// indicates if we run the target verify
	DoVerify bool
	// indicates if we run the version check
	DoVersionCheck bool
	// indicates if we run the exploit
	DoExploit bool
	// the user requested c2 to use
	C2Type c2.Impl
	// C2 server timeout
	C2Timeout int
	// Indicates if the c2 server will be handled elsewhere
	ThirdPartyC2Server bool
	// The database we are working with
	DBName string
	// File format template
	FileTemplateData string
	// File format exploit output
	FileFormatFilePath string
}

The config struct contains a mix of module specified configurations and user specified configurations. The Config struct is first generated by the exploit implementation and then modified by option parsing.

func New deprecated

func New(extype ExploitType, supportedC2 []c2.Impl, product string, cve string, defaultPort int) *Config

Deprecated: New does not affectively describe the affected/targeted product. Use NewRemoteExploit.

func NewLocal deprecated added in v1.23.0

func NewLocal(extype ExploitType, supportedC2 []c2.Impl, product string, cve string) *Config

Deprecated: NewLocal does not affectively describe the affected/targeted product. Use NewLocalExploit.

func NewLocalExploit ¶ added in v1.24.0

func NewLocalExploit(implemented ImplementedFeatures, extype ExploitType, supportedC2 []c2.Impl, vendor string,
	product []string, cpe []string, cve string,
) *Config

Defines a new remote exploit and associates with CVE/Product/Protocol metadata. Usage example:.

func NewRemoteExploit ¶ added in v1.24.0

func NewRemoteExploit(implemented ImplementedFeatures, extype ExploitType, supportedC2 []c2.Impl, vendor string,
	product []string, cpe []string, cve string, protocol string, defaultPort int,
) *Config

Defines a new remote exploit and associates with CVE/Product/Protocol metadata. Usage example:

conf := config.NewRemoteExploit(
  config.ImplementedFeatures{AssetDetection: true, VersionScanning: true, Exploitation: true},
  config.CodeExecution, []c2.Impl{c2.SimpleShellServer},
  "Atlassian", []string{"Confluence"}, []string{"cpe:2.3:a:atlassian:confluence"},
  "CVE-2023-22527", "HTTP", 8090)

func (*Config) CreateBoolFlag ¶ added in v1.29.0

func (conf *Config) CreateBoolFlag(name string, value bool, usage string)

Create a command line flag for the bool var "name" with the default value of "value" and store the result locally.

func (*Config) CreateBoolVarFlag ¶ added in v1.29.0

func (conf *Config) CreateBoolVarFlag(param *bool, name string, value bool, usage string)

Create a command line flag for the bool var "name" with the default value of "value" and store the result locally *using an external "param" pointer*.

func (*Config) CreateIntFlag ¶ added in v1.29.0

func (conf *Config) CreateIntFlag(name string, value int, usage string)

Create a command line flag for the int var "name" with the default value of "value" and store the result locally.

func (*Config) CreateIntVarFlag ¶ added in v1.29.0

func (conf *Config) CreateIntVarFlag(param *int, name string, value int, usage string)

Create a command line flag for the int var "name" with the default value of "value" and store the result locally *using an external "param" pointer*.

func (*Config) CreateStringFlag ¶ added in v1.29.0

func (conf *Config) CreateStringFlag(name string, value string, usage string)

Create a command line flag for the string var "name" with the default value of "value" and store the result locally.

func (*Config) CreateStringVarFlag ¶ added in v1.29.0

func (conf *Config) CreateStringVarFlag(param *string, name string, value string, usage string)

Create a command line flag for the string var "name" with the default value of "value" and store the result locally *using an external "param" pointer*.

func (*Config) CreateUintFlag ¶ added in v1.29.0

func (conf *Config) CreateUintFlag(name string, value uint, usage string)

Create a command line flag for the uint var "name" with the default value of "value" and store the result locally.

func (*Config) CreateUintVarFlag ¶ added in v1.29.0

func (conf *Config) CreateUintVarFlag(param *uint, name string, value uint, usage string)

Create a command line flag for the uint var "name" with the default value of "value" and store the result locally *using an external "param" pointer*.

func (*Config) GetBoolFlag ¶ added in v1.29.0

func (conf *Config) GetBoolFlag(name string) bool

Fetch the configured uint value for "name".

func (*Config) GetIntFlag ¶ added in v1.29.0

func (conf *Config) GetIntFlag(name string) int

Fetch the configured uint value for "name".

func (*Config) GetStringFlag ¶ added in v1.29.0

func (conf *Config) GetStringFlag(name string) string

Fetch the configured string value for "name".

func (*Config) GetUintFlag ¶ added in v1.29.0

func (conf *Config) GetUintFlag(name string) uint

Fetch the configured uint value for "name".

func (*Config) InitFlagsStructs ¶ added in v1.29.0

func (conf *Config) InitFlagsStructs()

type ExploitType ¶

type ExploitType int

const (
	CodeExecution         ExploitType = 0
	InformationDisclosure ExploitType = 1
	Webshell              ExploitType = 2
	FileFormat            ExploitType = 3
	Local                 ExploitType = 4
)

func (ExploitType) String ¶ added in v1.25.0

func (eType ExploitType) String() string

Convert ExploitType to String.

type ImplementedFeatures ¶ added in v1.24.0

type ImplementedFeatures struct {
	AssetDetection  bool
	VersionScanning bool
	Exploitation    bool
}

type RhostTriplet ¶ added in v1.0.14

type RhostTriplet struct {
	Rhost string
	Rport int
	SSL   SSLSupport
}

type SSLSupport ¶ added in v1.0.14

type SSLSupport int

const (
	SSLDisabled     SSLSupport = 0
	SSLEnabled      SSLSupport = 1
	SSLAutodiscover SSLSupport = 2
)

Source Files ¶

View all Source files

config.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL