c2structs

package
v1.6.3 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 15, 2025 License: BSD-3-Clause Imports: 11 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	C2_PARAMETER_TYPE_STRING            C2ParameterType = "String"
	C2_PARAMETER_TYPE_BOOLEAN                           = "Boolean"
	C2_PARAMETER_TYPE_CHOOSE_ONE                        = "ChooseOne"
	C2_PARAMETER_TYPE_CHOOSE_ONE_CUSTOM                 = "ChooseOneCustom"
	C2_PARAMETER_TYPE_CHOOSE_MULTIPLE                   = "ChooseMultiple"
	C2_PARAMETER_TYPE_ARRAY                             = "Array"
	C2_PARAMETER_TYPE_DATE                              = "Date"
	C2_PARAMETER_TYPE_DICTIONARY                        = "Dictionary"
	C2_PARAMETER_TYPE_NUMBER                            = "Number"
	C2_PARAMETER_TYPE_TYPED_ARRAY                       = "TypedArray"
	C2_PARAMETER_TYPE_FILE                              = "File"
	C2_PARAMETER_TYPE_FILE_MULTIPLE                     = "FileMultiple"
)

Variables

View Source 
var (
	AllC2Data containerC2Data
)

Functions

This section is empty.

Types

type C2ConfigCheckMessage 

type C2ConfigCheckMessage struct {
	C2Parameters
}

type C2ConfigCheckMessageResponse 

type C2ConfigCheckMessageResponse struct {
	Success               bool   `json:"success"`
	Error                 string `json:"error"`
	Message               string `json:"message"`
	RestartInternalServer bool   `json:"restart_internal_server"`
}

type C2GetDebugOutputMessage 

type C2GetDebugOutputMessage struct {
	Name string `json:"c2_profile_name"`
}

type C2GetDebugOutputMessageResponse 

type C2GetDebugOutputMessageResponse struct {
	Success               bool   `json:"success"`
	Error                 string `json:"error"`
	Message               string `json:"message"`
	InternalServerRunning bool   `json:"server_running"`
	RestartInternalServer bool   `json:"restart_internal_server"`
}

type C2GetIOCMessage added in v1.1.0 

type C2GetIOCMessage struct {
	C2Parameters
}

C2GetIOCMessage given the following C2 configuration, determine the IOCs that a defender should look for

type C2GetIOCMessageResponse added in v1.1.0 

type C2GetIOCMessageResponse struct {
	Success               bool   `json:"success"`
	Error                 string `json:"error"`
	IOCs                  []IOC  `json:"iocs"`
	RestartInternalServer bool   `json:"restart_internal_server"`
}

C2GetIOCMessageResponse the resulting set of IOCs that a defender should look out for based on the C2GetIOCMessage configuration

type C2GetRedirectorRuleMessage 

type C2GetRedirectorRuleMessage struct {
	C2Parameters
}

type C2GetRedirectorRuleMessageResponse 

type C2GetRedirectorRuleMessageResponse struct {
	Success               bool   `json:"success"`
	Error                 string `json:"error"`
	Message               string `json:"message"`
	RestartInternalServer bool   `json:"restart_internal_server"`
}

type C2HostFileMessage added in v1.1.0 

type C2HostFileMessage struct {
	Name     string `json:"c2_profile_name"`
	FileUUID string `json:"file_uuid"`
	HostURL  string `json:"host_url"`
	Remove   bool   `json:"remove"`
}

type C2HostFileMessageResponse added in v1.1.0 

type C2HostFileMessageResponse struct {
	Success               bool   `json:"success"`
	Error                 string `json:"error"`
	RestartInternalServer bool   `json:"restart_internal_server"`
}

type C2OPSECMessage 

type C2OPSECMessage struct {
	C2Parameters
}

type C2OPSECMessageResponse 

type C2OPSECMessageResponse struct {
	Success               bool   `json:"success"`
	Error                 string `json:"error"`
	Message               string `json:"message"`
	RestartInternalServer bool   `json:"restart_internal_server"`
}

type C2Parameter 

type C2Parameter struct {
	Description       string                  `json:"description"`
	Name              string                  `json:"name"`
	DefaultValue      interface{}             `json:"default_value"`
	Randomize         bool                    `json:"randomize"`
	FormatString      string                  `json:"format_string"`
	ParameterType     C2ParameterType         `json:"parameter_type"`
	Required          bool                    `json:"required"`
	VerifierRegex     string                  `json:"verifier_regex"`
	IsCryptoType      bool                    `json:"crypto_type"`
	Choices           []string                `json:"choices"`
	DictionaryChoices []C2ParameterDictionary `json:"dictionary_choices"`
	UiPosition        int                     `json:"ui_position"`
}

type C2ParameterDictionary 

type C2ParameterDictionary struct {
	Name         string `json:"name"`
	DefaultValue string `json:"default_value"`
	DefaultShow  bool   `json:"default_show"`
}

type C2ParameterType 

type C2ParameterType = string

C2_SYNC STRUCTS

type C2Parameters added in v1.1.0 

type C2Parameters struct {
	Name       string                 `json:"c2_profile_name"`
	Parameters map[string]interface{} `json:"parameters"`
}

func (*C2Parameters) GetArg added in v1.1.0 

func (arg *C2Parameters) GetArg(name string) (interface{}, error)

func (*C2Parameters) GetArgNames added in v1.1.0 

func (arg *C2Parameters) GetArgNames() []string

func (*C2Parameters) GetArrayArg added in v1.1.0 

func (arg *C2Parameters) GetArrayArg(name string) ([]string, error)

func (*C2Parameters) GetBooleanArg added in v1.1.0 

func (arg *C2Parameters) GetBooleanArg(name string) (bool, error)

func (*C2Parameters) GetChooseMultipleArg added in v1.1.0 

func (arg *C2Parameters) GetChooseMultipleArg(name string) ([]string, error)

func (*C2Parameters) GetChooseOneArg added in v1.1.0 

func (arg *C2Parameters) GetChooseOneArg(name string) (string, error)

func (*C2Parameters) GetChooseOneCustomArg added in v1.4.0 

func (arg *C2Parameters) GetChooseOneCustomArg(name string) (string, error)

func (*C2Parameters) GetCryptoArg added in v1.1.0 

func (arg *C2Parameters) GetCryptoArg(name string) (CryptoArg, error)

func (*C2Parameters) GetDateArg added in v1.1.0 

func (arg *C2Parameters) GetDateArg(name string) (string, error)

func (*C2Parameters) GetDictionaryArg added in v1.1.0 

func (arg *C2Parameters) GetDictionaryArg(name string) (map[string]string, error)

func (*C2Parameters) GetFileArg added in v1.1.0 

func (arg *C2Parameters) GetFileArg(name string) (string, error)

func (*C2Parameters) GetFileMultipleArg added in v1.4.0 

func (arg *C2Parameters) GetFileMultipleArg(name string) ([]string, error)

func (*C2Parameters) GetNumberArg added in v1.1.0 

func (arg *C2Parameters) GetNumberArg(name string) (float64, error)

func (*C2Parameters) GetStringArg added in v1.1.0 

func (arg *C2Parameters) GetStringArg(name string) (string, error)

func (*C2Parameters) GetTypedArrayArg added in v1.3.13 

func (arg *C2Parameters) GetTypedArrayArg(name string) ([][]string, error)

type C2Profile 

type C2Profile struct {
	Name                       string                                                                                    `json:"name"`
	Description                string                                                                                    `json:"description"`
	Author                     string                                                                                    `json:"author"`
	IsP2p                      bool                                                                                      `json:"is_p2p"`
	IsServerRouted             bool                                                                                      `json:"is_server_routed"`
	ServerBinaryPath           string                                                                                    `json:"-"`
	ServerFolderPath           string                                                                                    `json:"-"`
	SemVer                     string                                                                                    `json:"semver"`
	AgentIcon                  *[]byte                                                                                   `json:"agent_icon"`
	DarkModeAgentIcon          *[]byte                                                                                   `json:"dark_mode_agent_icon"`
	ConfigCheckFunction        func(message C2ConfigCheckMessage) C2ConfigCheckMessageResponse                           `json:"-"`
	GetRedirectorRulesFunction func(message C2GetRedirectorRuleMessage) C2GetRedirectorRuleMessageResponse               `json:"-"`
	OPSECCheckFunction         func(message C2OPSECMessage) C2OPSECMessageResponse                                       `json:"-"`
	GetIOCFunction             func(message C2GetIOCMessage) C2GetIOCMessageResponse                                     `json:"-"`
	SampleMessageFunction      func(message C2SampleMessageMessage) C2SampleMessageResponse                              `json:"-"`
	HostFileFunction           func(message C2HostFileMessage) C2HostFileMessageResponse                                 `json:"-"`
	CustomRPCFunctions         map[string]func(message C2RPCOtherServiceRPCMessage) C2RPCOtherServiceRPCMessageResponse  `json:"-"`
	OnContainerStartFunction   func(sharedStructs.ContainerOnStartMessage) sharedStructs.ContainerOnStartMessageResponse `json:"-"`
}

type C2RPCOtherServiceRPCMessage 

type C2RPCOtherServiceRPCMessage struct {
	ServiceName                 string                 `json:"service_name"` //required
	ServiceRPCFunction          string                 `json:"service_function"`
	ServiceRPCFunctionArguments map[string]interface{} `json:"service_arguments"`
}

type C2RPCOtherServiceRPCMessageResponse 

type C2RPCOtherServiceRPCMessageResponse struct {
	Success               bool                   `json:"success"`
	Error                 string                 `json:"error"`
	Result                map[string]interface{} `json:"result"`
	RestartInternalServer bool                   `json:"restart_internal_server"`
}

type C2RPCReSyncMessage 

type C2RPCReSyncMessage struct {
	Name string `json:"c2_profile_name"`
}

type C2RPCReSyncMessageResponse 

type C2RPCReSyncMessageResponse struct {
	Success bool   `json:"success"`
	Error   string `json:"error"`
}

type C2RPCStartServerMessage 

type C2RPCStartServerMessage struct {
	Name string `json:"c2_profile_name"`
}

type C2RPCStartServerMessageResponse 

type C2RPCStartServerMessageResponse struct {
	Success               bool   `json:"success"`
	Error                 string `json:"error"`
	Message               string `json:"message"`
	InternalServerRunning bool   `json:"server_running"`
}

type C2RPCStopServerMessage 

type C2RPCStopServerMessage struct {
	Name string `json:"c2_profile_name"`
}

type C2RPCStopServerMessageResponse 

type C2RPCStopServerMessageResponse struct {
	Success               bool   `json:"success"`
	Error                 string `json:"error"`
	Message               string `json:"message"`
	InternalServerRunning bool   `json:"server_running"`
}

type C2SampleMessageMessage added in v1.1.0 

type C2SampleMessageMessage struct {
	C2Parameters
}

C2SampleMessageMessage - Generate sample C2 Traffic based on this configuration so that the operator and developer can more easily troubleshoot

type C2SampleMessageResponse added in v1.1.0 

type C2SampleMessageResponse struct {
	Success               bool   `json:"success"`
	Error                 string `json:"error"`
	Message               string `json:"message"`
	RestartInternalServer bool   `json:"restart_internal_server"`
}

C2SampleMessageResponse - Provide a string representation of the C2 Traffic that the corresponding C2SampleMessageMessage configuration would generate

type C2SyncMessage 

type C2SyncMessage struct {
	Profile          C2Profile     `json:"c2_profile"`
	Parameters       []C2Parameter `json:"parameters"`
	ContainerVersion string        `json:"container_version"`
}

type C2SyncMessageResponse 

type C2SyncMessageResponse struct {
	Success bool   `json:"success"`
	Error   string `json:"error"`
}

type C2_GET_REDIRECTOR_RULE_STATUS 

type C2_GET_REDIRECTOR_RULE_STATUS = string

type C2_HOST_FILE_STATUS added in v1.1.0 

type C2_HOST_FILE_STATUS = string

type CryptoArg added in v1.1.0 

type CryptoArg struct {
	Value  string `json:"value" mapstructure:"value"`
	EncKey string `json:"enc_key" mapstructure:"enc_key"`
	DecKey string `json:"dec_key" mapstructure:"dec_key"`
}

type IOC added in v1.1.0 

type IOC struct {
	Type string `json:"type" mapstructure:"type"`
	IOC  string `json:"ioc" mapstructure:"ioc"`
}

IOC identify the type of ioc with Type and the actual IOC value An example could be a Type of URL with the actual IOC value being the configured callback URL with URI parameters

type SimplifiedC2ParameterDictionary 

type SimplifiedC2ParameterDictionary struct {
	Name  string `json:"name"`
	Value string `json:"value"`
	Key   string `json:"key"`
}

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.