types

package
v0.1.0 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Apr 13, 2025 License: Apache-2.0 Imports: 9 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

var (
	// ErrUnknownSpite is a sentinel error with the message "unknown spite body".
	// NOTE(review): the call sites are not visible on this page; presumably it is
	// returned when a Spite body type is not recognised — confirm in the source.
	ErrUnknownSpite = errors.New("unknown spite body")
	// ErrUnknownJob is a sentinel error with the message "unknown job body".
	// NOTE(review): call sites are not visible on this page.
	ErrUnknownJob   = errors.New("unknown job body")
)
// DefaultProfile is a package-level byte slice; its contents and how it is
// populated are not shown on this page.
// NOTE(review): presumably the built-in profile document that LoadProfile
// parses when no other profile is supplied — confirm in the source.
var DefaultProfile []byte

Functions

func BuildOneSpites

func BuildOneSpites(spite *implantpb.Spite) *implantpb.Spites

func BuildPingSpite

func BuildPingSpite() *implantpb.Spite

func BuildPingSpites added in v0.0.3

func BuildPingSpites() *implantpb.Spites

func BuildSpite

func BuildSpite(spite *implantpb.Spite, msg proto.Message) (*implantpb.Spite, error)

BuildSpite builds a spite request.

func BuildSpites

func BuildSpites(spites []*implantpb.Spite) *implantpb.Spites

Types

type BasicProfile added in v0.0.3

// BasicProfile is the "basic" section of a profile (ProfileConfig.Basic): name,
// targets, transport options, timing, and the encryption scheme and key.
// Every field carries a `default` tag; NOTE(review): the library that applies
// those defaults is not visible on this page.
//
// Security review: the defaults pair a fixed, published key with TLS disabled,
// so a profile that leaves them untouched is protected only by a value anyone
// can read here. When triaging a recovered profile, unchanged defaults
// (name "malefic", key "maliceofinternal") indicate an uncustomised configuration.
type BasicProfile struct {
	// Name is the profile name; default "malefic".
	Name       string   `yaml:"name" config:"name" default:"malefic"`
	// Targets defaults to an empty list.
	// NOTE(review): presumably the addresses the profile connects to — confirm.
	Targets    []string `yaml:"targets" config:"targets" default:"[]"`
	// Protocol defaults to "tcp"; the accepted values are not listed on this page.
	Protocol   string   `yaml:"protocol" config:"protocol" default:"tcp"`
	// TLS is off by default.
	TLS        bool     `yaml:"tls" config:"tls" default:"false"`
	// Proxy defaults to empty; the expected format is not shown on this page.
	Proxy      string   `yaml:"proxy" config:"proxy" default:""`
	// Interval defaults to 5 and Jitter to 0.2. Units and the way jitter is
	// applied to the interval are not stated on this page.
	Interval   int      `yaml:"interval" config:"interval" default:"5"`
	Jitter     float64  `yaml:"jitter" config:"jitter" default:"0.2"`
	// CA defaults to empty.
	// NOTE(review): file path or inline certificate? Not visible here.
	CA         string   `yaml:"ca" config:"ca" default:""`
	// Encryption names the scheme; default "aes". Cipher mode and key
	// derivation are not visible on this page.
	Encryption string   `yaml:"encryption" config:"encryption" default:"aes"`
	// Key defaults to the hard-coded string "maliceofinternal", which is shared
	// by every profile that does not override it, and is held in the profile
	// as clear text.
	Key        string   `yaml:"key" config:"key" default:"maliceofinternal"`
}

type EncryptionConfig added in v0.1.0

// EncryptionConfig is the JSON form of an encryption setting (used by
// PipelineParams.Encryption). FromEncryption builds it from a
// clientpb.Encryption and ToProtobuf converts it back.
//
// Key has an ordinary json tag (not `json:"-"`), so the key is written out in
// clear wherever this struct is marshalled; stored or logged JSON containing
// it should be handled as secret material.
type EncryptionConfig struct {
	// Enable switches the setting on or off.
	Enable bool   `json:"enable"`
	// Type names the scheme; the accepted values are not listed on this page.
	Type   string `json:"type"`
	// Key is the key as a string; its encoding is not shown on this page.
	Key    string `json:"key"`
}

func FromEncryption added in v0.1.0

func FromEncryption(encryption *clientpb.Encryption) *EncryptionConfig

func (*EncryptionConfig) ToProtobuf added in v0.1.0

func (encryption *EncryptionConfig) ToProtobuf() *clientpb.Encryption

type ImplantProfile added in v0.0.3

// ImplantProfile is the implant section of a profile (ProfileConfig.Implant,
// YAML key "implants"). Field meanings beyond their names and defaults are not
// documented on this page.
type ImplantProfile struct {
	// Mod defaults to empty; its accepted values are not shown here.
	Mod          string                 `yaml:"mod" config:"mod" default:""`
	// RegisterInfo defaults to false.
	RegisterInfo bool                   `yaml:"register_info" config:"register_info" default:"false"`
	// HotLoad defaults to false.
	HotLoad      bool                   `yaml:"hot_load" config:"hot_load" default:"false"`
	// Modules defaults to an empty list of module names.
	Modules      []string               `yaml:"modules" config:"modules" default:"[]"`
	// Extras is tagged yaml ",inline". NOTE(review): with the common Go YAML
	// libraries an inline map collects every key not matched by a named field,
	// so unknown or misspelled keys are accepted silently — confirm which
	// library LoadProfile uses.
	Extras       map[string]interface{} `yaml:",inline"`
}

type MsgName

// MsgName is the string identifier of a message type. MessageType returns one
// for an implantpb.Spite.
type MsgName string
// Names bound to consts.Module* identifiers take their string value from the
// consts package, which is not shown on this page; the remaining names are
// string literals defined here.
const (
	MsgInit  MsgName = consts.ModuleInit
	MsgPing  MsgName = consts.ModulePing
	MsgSleep MsgName = consts.ModuleSleep
	MsgLogin MsgName = consts.ModuleLogin
	MsgTask  MsgName = "task"
	MsgTasks MsgName = "tasks"
	// basic message
	MsgResponse MsgName = "response"
	MsgBlock    MsgName = "block"
	MsgAck      MsgName = "ack"
	MsgRegister MsgName = "register"
	MsgRequest  MsgName = "request"
	MsgUnknown  MsgName = "unknown"
	MsgNil      MsgName = "nil"
	MsgEmpty    MsgName = "empty"

	// Module messages. What each module does is defined outside this package;
	// only the name binding is visible here.
	MsgSysInfo        MsgName = consts.ModuleSysInfo
	MsgUpload         MsgName = consts.ModuleUpload
	MsgDownload       MsgName = consts.ModuleDownload
	MsgCurl           MsgName = consts.ModuleCurl
	MsgExec           MsgName = consts.ModuleExecution
	MsgListModule     MsgName = consts.ModuleListModule
	MsgLoadModule     MsgName = consts.ModuleLoadModule
	MsgListAddon      MsgName = consts.ModuleListAddon
	MsgLoadAddon      MsgName = consts.ModuleLoadAddon
	// The Go name says "binary" but the string value is "assembly_response";
	// match on the value, not the identifier, when parsing stored messages.
	MsgBinaryResponse MsgName = "assembly_response"
	MsgExecuteAddon   MsgName = consts.ModuleExecuteAddon
	MsgExecuteLocal   MsgName = consts.ModuleExecuteLocal
	//MsgExecuteSpawn     MsgName = "execute_spawn"
	MsgLs          MsgName = consts.ModuleLs
	MsgNetstat     MsgName = consts.ModuleNetstat
	MsgPs          MsgName = consts.ModulePs
	MsgKill        MsgName = consts.ModuleKill
	MsgBypass      MsgName = consts.ModuleBypass
	MsgRegistryAdd MsgName = consts.ModuleRegAdd

	// The four *Response names below are bound to the service and scheduled-task
	// list/query module identifiers rather than to separate response strings,
	// and the two Wmi names to the WMI query and exec identifiers.
	MsgServicesResponse  MsgName = consts.ModuleServiceList
	MsgServiceResponse   MsgName = consts.ModuleServiceQuery
	MsgTaskSchdsResponse MsgName = consts.ModuleTaskSchdList
	MsgTaskSchdResponse  MsgName = consts.ModuleTaskSchdQuery
	MsgWmiQuery          MsgName = consts.ModuleWmiQuery
	MsgWmiExecute        MsgName = consts.ModuleWmiExec
)

func MessageType

func MessageType(message *implantpb.Spite) MsgName

MessageType parses a response message.

func (MsgName) String

func (r MsgName) String() string

type PipelineParams added in v0.1.0

// PipelineParams is the JSON-serialised parameter set of a pipeline. Every
// field is omitted from the JSON when empty.
//
// Encryption and Tls each carry a Key field with an ordinary json tag, so a
// marshalled PipelineParams contains that key material in clear.
type PipelineParams struct {
	// Parser, WebPath (JSON key "path"), Link, Console and Subscribe are plain
	// strings; their accepted values are not documented on this page.
	Parser     string                        `json:"parser,omitempty"`
	WebPath    string                        `json:"path,omitempty"`
	Link       string                        `json:"link,omitempty"`
	Console    string                        `json:"console,omitempty"`
	Subscribe  string                        `json:"subscribe,omitempty"`
	// Agents maps a string key to a clientpb.REMAgent; the key's meaning is not
	// shown here.
	Agents     map[string]*clientpb.REMAgent `json:"agents,omitempty"`
	// Encryption and Tls are optional; a nil pointer is omitted from the JSON.
	Encryption *EncryptionConfig             `json:"encryption,omitempty"`
	Tls        *TlsConfig                    `json:"tls,omitempty"`
	// HTTP pipeline specific params
	// NOTE(review): presumably these are set per pipeline by its configuration
	// rather than fixed by the protocol — confirm before treating any one value
	// as a stable signature.
	Headers    map[string][]string `json:"headers,omitempty"`
	// ErrorPage carries gorm:"-", which tells GORM to skip the field.
	ErrorPage  string              `json:"error_page,omitempty" gorm:"-"`
	BodyPrefix string              `json:"body_prefix,omitempty"`
	BodySuffix string              `json:"body_suffix,omitempty"`
}

type ProfileConfig added in v0.0.3

// ProfileConfig is the top-level profile document returned by LoadProfile.
// Each section is a pointer and is nil when the section is absent, so callers
// must nil-check before reading it.
type ProfileConfig struct {
	// Basic is read from the YAML key "basic".
	Basic   *BasicProfile          `yaml:"basic" config:"basic"`
	// Pulse is read from the YAML key "pulse".
	Pulse   *PulseProfile          `yaml:"pulse" config:"pulse"`
	// Implant is read from the YAML key "implants" (plural, unlike the field name).
	Implant *ImplantProfile        `yaml:"implants" config:"implants"`
	// Extras is tagged yaml ",inline". NOTE(review): with the common Go YAML
	// libraries this collects every top-level key not matched above, so a
	// misplaced or misspelled section name is accepted without error — confirm
	// against the library LoadProfile uses.
	Extras  map[string]interface{} `yaml:",inline"`
}

func LoadProfile added in v0.0.3

func LoadProfile(content []byte) (*ProfileConfig, error)

type ProfileParams added in v0.0.3

// ProfileParams holds the two timing values of a profile in JSON form; its
// String method is declared in this package.
// Interval is an int here and in BasicProfile but a uint64 in SessionInfo, so
// conversions between them need a range check.
type ProfileParams struct {
	// Interval and Jitter: units are not stated on this page.
	Interval int     `json:"interval"`
	Jitter   float64 `json:"jitter"`
}

func (*ProfileParams) String added in v0.0.3

func (p *ProfileParams) String() string

type PulseProfile added in v0.0.3

// PulseProfile is the "pulse" section of a profile (ProfileConfig.Pulse).
// Unlike BasicProfile, its fields carry no `default` tags, so omitted values
// stay at the Go zero value unless something outside this page fills them in.
type PulseProfile struct {
	// Target is a single string (BasicProfile uses a list); format not shown here.
	Target     string                 `yaml:"target"`
	// Encryption names the scheme; accepted values are not listed on this page.
	Encryption string                 `yaml:"encryption"`
	// Key is kept in the profile as clear text.
	Key        string                 `yaml:"key"`
	// Protocol: accepted values are not listed on this page.
	Protocol   string                 `yaml:"protocol"`
	// Extras is tagged yaml ",inline". NOTE(review): presumably collects keys
	// not matched by the fields above — confirm against the YAML library used.
	Extras     map[string]interface{} `yaml:",inline"`
}

type SessionContext added in v0.1.0

// SessionContext is the per-session state: the embedded SessionInfo plus the
// session's module list, addons and two free-form maps. NewSessionContext
// builds it from a clientpb.RegisterSession; Marshal and RecoverSessionContext
// convert it to and from a string.
//
// SessionInfo is embedded by pointer, so a zero SessionContext has a nil
// *SessionInfo and reading a promoted field (for example ctx.Interval) panics
// until it is set.
type SessionContext struct {
	// NOTE(review): encoding/json defines no "inline" option; with that
	// package the fields are flattened because the struct is embedded without
	// a JSON name. Confirm which marshaller Marshal uses.
	*SessionInfo `json:",inline"`
	Modules      []string               `json:"modules"`
	Addons       []*implantpb.Addon     `json:"addons"`
	Argue        map[string]string      `json:"argue"` // argument spoofing
	// Any is an untyped key/value store; GetAny looks up one entry by id.
	Any          map[string]interface{} `json:"any"`
}

func NewSessionContext added in v0.1.0

func NewSessionContext(req *clientpb.RegisterSession) *SessionContext

func RecoverSessionContext added in v0.1.0

func RecoverSessionContext(content string) (*SessionContext, error)

func (*SessionContext) Data added in v0.1.0

func (ctx *SessionContext) Data() map[string]interface{}

func (*SessionContext) GetAny added in v0.1.0

func (ctx *SessionContext) GetAny(id string) (interface{}, bool)

func (*SessionContext) Marshal added in v0.1.0

func (ctx *SessionContext) Marshal() string

func (*SessionContext) Update added in v0.1.0

func (ctx *SessionContext) Update(req *clientpb.RegisterSession)

type SessionInfo added in v0.1.0

// SessionInfo is the host and timing information recorded for a session. It is
// embedded in SessionContext, so every field here appears in that struct's
// serialised form.
type SessionInfo struct {
	// Os and Process are implantpb messages; their fields are not shown on this page.
	Os          *implantpb.Os      `json:"os"`
	Process     *implantpb.Process `json:"process"`
	// Interval is a uint64 here but an int in BasicProfile and ProfileParams.
	// Units for Interval and Jitter are not stated on this page.
	Interval    uint64             `json:"interval"`
	Jitter      float64            `json:"jitter"`
	// IsPrivilege: NOTE(review): presumably whether the process runs with
	// elevated rights — confirm where it is set.
	IsPrivilege bool               `json:"is_privilege"`
	Filepath    string             `json:"filepath"`
	WorkDir     string             `json:"workdir"`
	// ProxyURL is serialised under the JSON key "proxy".
	ProxyURL    string             `json:"proxy"`
	Locale      string             `json:"locale"`
}

type TlsConfig added in v0.1.0

// TlsConfig is the JSON form of a TLS setting (used by PipelineParams.Tls).
// FromTls builds it from a clientpb.TLS and ToProtobuf converts it back.
//
// Key has an ordinary json tag, so it is included in clear wherever this
// struct is marshalled.
type TlsConfig struct {
	// Enable switches TLS on or off.
	Enable bool   `json:"enable"`
	// Cert and Key are strings. NOTE(review): whether they hold PEM text or
	// file paths is not visible on this page; if Key is the private key itself,
	// any stored or logged copy of this JSON exposes it.
	Cert   string `json:"cert"`
	Key    string `json:"key"`
}

func FromTls added in v0.1.0

func FromTls(tls *clientpb.TLS) *TlsConfig

func (*TlsConfig) ToProtobuf added in v0.1.0

func (tls *TlsConfig) ToProtobuf() *clientpb.TLS
