consts

package
v0.0.2 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Sep 17, 2024 License: Apache-2.0 Imports: 2 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	MinTimeout                  = time.Duration(30 * time.Second)
	KB                          = 1024
	MB                          = KB * 1024
	GB                          = MB * 1024
	BufSize                     = 2 * MB
	ClientMaxReceiveMessageSize = 256 * MB
	// ServerMaxMessageSize - Server-side max GRPC message size
	ServerMaxMessageSize = 2 * GB
	DefaultTimeout       = 10 * time.Second // second
)

Default config

View Source 
const (
	ClientMenu  = "client"
	ImplantMenu = "implant"
)
View Source 
const (
	GenericGroup  = "generic"
	ImplantGroup  = "implant"
	ArmoryGroup   = "armory"
	AddonGroup    = "addon"
	MalGroup      = "mal"
	ListenerGroup = "listener"
)

Group

View Source 
const (
	MaxPacketLength = "server.config.packet_length"
	AuditLevel      = "server.audit"
)

config

View Source 
const (
	UnknownFile = iota
	EXEFile
	DLLFile
)
View Source 
const (
	DefaultMaxBodyLength   = 2 * 1024 * 1024 * 1024 // 2Gb
	DefaultHTTPTimeout     = time.Minute
	DefaultLongPollTimeout = time.Second
	DefaultLongPollJitter  = time.Second

	DefaultCacheJitter = 60 * 60
)

Time

View Source 
const (
	CtrlTaskCallback    = "task_callback"
	CtrlTaskFinish      = "task_finish"
	CtrlTaskCancel      = "task_cancel"
	CtrlTaskError       = "task_error"
	CtrlWebUpload       = "web_upload"
	CtrlListenerStart   = "listener_start"
	CtrlListenerStop    = "listener_stop"
	CtrlPipelineStart   = "pipeline_start"
	CtrlPipelineStop    = "pipeline_stop"
	CtrlWebsiteStart    = "website_start"
	CtrlWebsiteStop     = "website_stop"
	CtrlWebsiteRegister = "website_register"
	CtrlJobStart        = "job_start"
	CtrlJobStop         = "job_stop"
	CtrlSessionRegister = "session_register"
	CtrlSessionConsole  = "session_done"
	CtrlSessionError    = "session_finish"
)
View Source 
const (
	CtrlStatusSuccess = 0 + iota
	CtrlStatusFailed
)

ctrl status

View Source 
const (
	EventJoin        = "join"
	EventLeft        = "left"
	EventBroadcast   = "broadcast"
	EventNotify      = "notify"
	EventSession     = "session"
	EventListener    = "listener"
	EventTask        = "task"
	EventWebsite     = "website"
	EventTcpPipeline = "tcp"
	EventJob         = "job"
)

event

View Source 
const (
	MaleficErrorPanic uint32 = 1 + iota
	MaleficErrorUnpackError
	MaleficErrorMissbody
	MaleficErrorModuleError
	MaleficErrorModuleNotFound
	MaleficErrorTaskError
	MaleficErrorTaskNotFound
	MaleficErrorTaskOperatorNotFound
	MaleficErrorExtensionNotFound
	MaleficErrorUnexceptBody
)

Malefic Error

View Source 
const (
	ModuleExplore              = "explorer"
	ModuleExecution            = "exec"
	ModuleExecuteAssembly      = "execute_assembly"
	ModuleExecuteShellcode     = "execute_shellcode"
	ModuleAliasInlineShellcode = "inline_shellcode"
	ModuleExecuteExe           = "execute_exe"
	ModuleAliasInlineExe       = "inline_exe"
	ModuleExecuteDll           = "execute_dll"
	ModuleAliasInlineDll       = "inline_dll"
	ModuleExecuteBof           = "bof"
	ModulePowershell           = "powershell"
	ModuleUpload               = "upload"
	ModuleDownload             = "download"
	ModulePwd                  = "pwd"
	ModuleLs                   = "ls"
	ModuleCd                   = "cd"
	ModuleMv                   = "mv"
	ModuleMkdir                = "mkdir"
	ModuleRm                   = "rm"
	ModuleCat                  = "cat"
	ModulePs                   = "ps"
	ModuleCp                   = "cp"
	ModuleChmod                = "chmod"
	ModuleChown                = "chown"
	ModuleKill                 = "kill"
	ModuleWhoami               = "whoami"
	ModuleEnv                  = "env"
	ModuleSetEnv               = "setenv"
	ModuleUnsetEnv             = "unsetenv"
	ModuleInfo                 = "info"
	ModuleNetstat              = "netstat"
	ModuleBypass               = "bypass"
	ModuleCurl                 = "curl"
	ModuleListModule           = "list_module"
	ModuleLoadModule           = "load_module"
	ModuleRefreshModule        = "refresh_module"
	ModuleListAddon            = "list_addon"
	ModuleLoadAddon            = "load_addon"
	ModuleExecuteAddon         = "execute_addon"
	ModuleClear                = "clear"
	ModuleCancelTask           = "cancel_task"
)

client module and command

View Source 
const (
	CommandLogin            = "login"
	CommandExit             = "exit"
	CommandSessions         = "sessions"
	CommandTasks            = "tasks"
	CommandNote             = "note"
	CommandGroup            = "group"
	CommandObverse          = "obverse"
	CommandDelSession       = "del"
	CommandUse              = "use"
	CommandBackground       = "background"
	CommandSync             = "sync"
	CommandBroadcast        = "broadcast"
	CommandVersion          = "version"
	CommandNotify           = "notify"
	CommandAlias            = "alias"
	CommandAliasLoad        = "load"
	CommandAliasList        = "list"
	CommandAliasInstall     = "install"
	CommandAliasRemove      = "remove"
	CommandArmory           = "armory"
	CommandArmoryUpdate     = "update"
	CommandArmorySearch     = "search"
	CommandArmoryLoad       = "load"
	CommandExtension        = "extension"
	CommandExtensionList    = "list"
	CommandExtensionLoad    = "load"
	CommandExtensionInstall = "install"
	CommandExtensionRemove  = "remove"
	CommandMal              = "mal"
	CommandMalLoad          = "load"
	CommandMalList          = "list"
	CommandMalInstall       = "install"
	CommandMalRemove        = "remove"
	CommandTcp              = "tcp"
	CommandWebsite          = "website"
	CommandListener         = "listener"
	CommandJob              = "job"
	CommandRegister         = "register"
	CommandPipelineStart    = "start"
	CommandPipelineStop     = "stop"
)
View Source 
const (
	TaskErrorOperatorError       = 2
	TaskErrorNotExpectBody       = 3
	TaskErrorFieldRequired       = 4
	TaskErrorFieldLengthMismatch = 5
	TaskErrorFieldInvalid        = 6
	TaskError                    = 99
)

task error

View Source 
const (
	ClientPrompt = "IoM"
)

UI

Variables

View Source 
var (
	WindowsVer = map[string]string{
		"5.0.2195": "2000",
		"5.1.2600": "XP",

		"5.2.3790": "Server 2003/Server 2003 R2",

		"6.0.6000":   "Vista",
		"6.0.6001":   "Vista SP1/Server2008",
		"6.0.6002":   "Vista SP2/Server2008 SP2",
		"6.1.0":      "7/Server2008 R2",
		"6.1.7600":   "7/Server2008 R2",
		"6.1.7601":   "7 SP1/Server2008 R2 SP1",
		"6.2.9200":   "8/Server2012",
		"6.3.9600":   "8.1/Server2012 R2",
		"10.0.10240": "10 1507",
		"10.0.10586": "10 1511",
		"10.0.14393": "10 1607/Server2016",
		"10.0.15063": "10 1703",
		"10.0.16299": "10 1709",
		"10.0.17134": "10 1803",
		"10.0.17763": "10 1809/Server2019",
		"10.0.18362": "10 1903",
		"10.0.18363": "10 1909",
		"10.0.19041": "10 2004/Server2004",
		"10.0.19042": "10 20H2/Server20H2",
		"10.0.19043": "10 21H2",
		"10.0.20348": "Server2022",
		"10.0.22621": "11",
		"11.0.22000": "11",
	}

	WindowsArch = map[string]string{
		"x86_64": "amd64",
		"x86":    "386",
	}

	ArchMap = map[string]implantpb.Arch{
		"amd64": implantpb.Arch_x86_64,
		"386":   implantpb.Arch_i686,
		"arm":   implantpb.Arch_arm,
		"arm64": implantpb.Arch_aarch64,
		"mips":  implantpb.Arch_mips,
	}
)
View Source 
var (
	ModuleAliases = map[string]string{
		ModuleAliasInlineShellcode: ModuleExecuteShellcode,
		ModuleAliasInlineExe:       ModuleExecuteExe,
		ModuleAliasInlineDll:       ModuleExecuteDll,
	}
	ExecuteModules = []string{
		ModuleExecuteBof, ModuleExecuteDll, ModuleExecuteShellcode,
		ModuleExecuteExe, ModulePowershell, ModuleExecuteAssembly,
		ModuleAliasInlineExe, ModuleAliasInlineDll, ModuleAliasInlineShellcode,
	}
	InlineModules = []string{
		ModuleAliasInlineExe, ModuleAliasInlineDll, ModuleAliasInlineShellcode,
	}
	SacrificeModules = []string{
		ModuleExecuteExe, ModuleExecuteDll, ModuleExecuteShellcode,
	}
)

Functions

func FormatWindowsArch added in v0.0.2 

func FormatWindowsArch(arch string) string

func GetWindowsVer 

func GetWindowsVer(ver string) string

Types

type ReleaseType 

type ReleaseType int

release type 

const (
	ReleaseWinWorkstation ReleaseType = 1 + iota
	ReleaseWinDomainController
	ReleaseWinServer
	ReleaseMacOSX
	ReleaseUbuntu
	ReleaseCentos
)

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.