output

package
v0.1.2 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Sep 25, 2025 License: Apache-2.0 Imports: 18 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	CallbackOutput      = 0
	CallbackFile        = 0x02
	CallbackFileWrite   = 0x08
	CallbackFileClose   = 0x09
	CallbackScreenshot  = 0x03
	CallbackError       = 0x0d
	CallbackOutputOem   = 0x1e
	CallbackOutputUtf8  = 0x20
	CallbackSystemError = 0x4d
)

Variables

View Source 
var (
	UserPassCredential = "user/pass"
	NtlmCredential     = "user/ntlm"
	TOKENCredential    = "token"
	CERTCredential     = "cert"
)
View Source 
var (
	GOGOPortType = "gogo"
)

Functions

func AsContext 

func AsContext[T Context](ctx Context) (T, error)

AsContext 将Context接口转换为具体的实现类型

func AsContexts 

func AsContexts[T Context](ctxs []Context) ([]T, error)

func FormatArrayResponse 

func FormatArrayResponse(ctx *clientpb.TaskContext) (string, error)

func FormatKVResponse 

func FormatKVResponse(ctx *clientpb.TaskContext) (string, error)

func MapJoin 

func MapJoin(m map[string]string) string

func MarshalContext 

func MarshalContext(ctx Context) []byte

func NewBinary 

func NewBinary(module string, path string, args []string, output bool, timeout uint32, arch string, process string, sac *implantpb.SacrificeProcess) (*implantpb.ExecuteBinary, error)

func NewBinaryData 

func NewBinaryData(module string, path string, data string, output bool, timeout uint32, arch string, process string, sac *implantpb.SacrificeProcess) (*implantpb.ExecuteBinary, error)

func NewExecutable 

func NewExecutable(module string, path string, args []string, arch string, output bool, sac *implantpb.SacrificeProcess) (*implantpb.ExecuteBinary, error)

func NewSacrifice 

func NewSacrifice(ppid uint32, hidden, block_dll, disable_etw bool, argue string) *implantpb.SacrificeProcess

func ParseArrayResponse 

func ParseArrayResponse(ctx *clientpb.TaskContext) (interface{}, error)

func ParseBOFResponse 

func ParseBOFResponse(ctx *clientpb.TaskContext) (interface{}, error)

func ParseBinaryResponse 

func ParseBinaryResponse(ctx *clientpb.TaskContext) (interface{}, error)

func ParseExecResponse 

func ParseExecResponse(ctx *clientpb.TaskContext) (interface{}, error)

func ParseKVResponse 

func ParseKVResponse(ctx *clientpb.TaskContext) (interface{}, error)

func ParseResponse 

func ParseResponse(ctx *clientpb.TaskContext) (interface{}, error)

func ParseStatus 

func ParseStatus(ctx *clientpb.TaskContext) (interface{}, error)

func ToContext 

func ToContext[T Context](ctx *clientpb.Context) (T, error)

func ToContexts 

func ToContexts[T Context](ctxs []*clientpb.Context) ([]T, error)

Types

type BOFResponse 

type BOFResponse struct {
	CallbackType uint8
	OutputType   uint8
	Length       uint32
	Data         []byte
}

type BOFResponses 

type BOFResponses []*BOFResponse

func (BOFResponses) String 

func (bofResps BOFResponses) String() string

type Context 

type Context interface {
	Type() string
	// Marshal 返回用于存储到数据库的序列化数据,忽略大型二进制数据
	Marshal() []byte
	// String 返回context的简要描述
	String() string
}

func ParseContext 

func ParseContext(typ string, content []byte) (Context, error)

type Contexts 

type Contexts []Context

func (Contexts) String 

func (ctxs Contexts) String() string

type CredentialContext 

type CredentialContext struct {
	CredentialType string            `json:"type"`
	Target         string            `json:"target"`
	Params         map[string]string `json:"params"`
}

func NewCredential 

func NewCredential(content []byte) (*CredentialContext, error)

func ParseMimikatz added in v0.1.1 

func ParseMimikatz(content []byte) ([]*CredentialContext, error)

ParseMimikatz parses mimikatz sekurlsa::logonpasswords output

func ParseZombie 

func ParseZombie(content []byte) ([]*CredentialContext, error)

func (*CredentialContext) Marshal 

func (c *CredentialContext) Marshal() []byte

func (*CredentialContext) String 

func (c *CredentialContext) String() string

func (*CredentialContext) Type 

func (c *CredentialContext) Type() string

type DownloadContext 

type DownloadContext struct {
	*FileDescriptor `json:",inline"`
	Content         []byte
}

func NewDownloadContext 

func NewDownloadContext(content []byte) (*DownloadContext, error)

func (*DownloadContext) Marshal 

func (d *DownloadContext) Marshal() []byte

func (*DownloadContext) String 

func (d *DownloadContext) String() string

func (*DownloadContext) Type 

func (d *DownloadContext) Type() string

type FileDescriptor 

type FileDescriptor struct {
	Name       string `json:"name"`
	TargetPath string `json:"target_path"`
	FilePath   string `json:"filepath"`
	Size       int64  `json:"size"`
	Checksum   string `json:"checksum"`
	Abstract   string `json:"abstract"`
}

func (*FileDescriptor) Marshal 

func (file *FileDescriptor) Marshal() (string, error)

type KeyLoggerContext 

type KeyLoggerContext struct {
	*FileDescriptor `json:",inline"`
	Content         []byte
}

func NewKeyLogger 

func NewKeyLogger(content []byte) (*KeyLoggerContext, error)

func (*KeyLoggerContext) Marshal 

func (k *KeyLoggerContext) Marshal() []byte

func (*KeyLoggerContext) String 

func (k *KeyLoggerContext) String() string

func (*KeyLoggerContext) Type 

func (k *KeyLoggerContext) Type() string

type PivotingContext 

type PivotingContext struct {
	Enable     bool   `json:"enable"`
	Listener   string `json:"listener_id"`
	ListenerIP string `json:"listener_ip"`
	Pipeline   string `json:"pipeline_id"`
	RemAgentID string `json:"id"`
	LocalURL   string `json:"local"`
	RemoteURL  string `json:"remote"`
	Mod        string `json:"mod"`
}

func NewPivoting 

func NewPivoting(content []byte) (*PivotingContext, error)

func NewPivotingWithRem 

func NewPivotingWithRem(agent *clientpb.REMAgent, pipe *clientpb.Pipeline) *PivotingContext

func (*PivotingContext) Abstract 

func (p *PivotingContext) Abstract() string

func (*PivotingContext) Marshal 

func (p *PivotingContext) Marshal() []byte

func (*PivotingContext) String 

func (p *PivotingContext) String() string

func (*PivotingContext) ToRemAgent 

func (p *PivotingContext) ToRemAgent() *clientpb.REMAgent

func (*PivotingContext) Type 

func (p *PivotingContext) Type() string

type Port 

type Port struct {
	Ip       string `json:"ip"`
	Port     string `json:"port"`
	Protocol string `json:"protocol"`
	Status   string `json:"status"`
}

type PortContext 

type PortContext struct {
	Ports   []*Port     `json:"ports"`
	Extends interface{} `json:"extend"`
}

func NewPortContext 

func NewPortContext(content []byte) (*PortContext, error)

func ParseGOGO 

func ParseGOGO(content []byte) (*PortContext, error)

func (*PortContext) GogoData 

func (p *PortContext) GogoData() (*parsers.GOGOData, bool)

func (*PortContext) Marshal 

func (p *PortContext) Marshal() []byte

func (*PortContext) String 

func (p *PortContext) String() string

func (*PortContext) Type 

func (p *PortContext) Type() string

type ScreenShotContext 

type ScreenShotContext struct {
	*FileDescriptor `json:",inline"`
	Content         []byte
}

func NewScreenShot 

func NewScreenShot(content []byte) (*ScreenShotContext, error)

func (*ScreenShotContext) Marshal 

func (s *ScreenShotContext) Marshal() []byte

func (*ScreenShotContext) String 

func (s *ScreenShotContext) String() string

func (*ScreenShotContext) Type 

func (s *ScreenShotContext) Type() string

type UploadContext 

type UploadContext struct {
	*FileDescriptor `json:",inline"`
	Content         []byte
}

func NewUploadContext 

func NewUploadContext(content []byte) (*UploadContext, error)

func (*UploadContext) Marshal 

func (u *UploadContext) Marshal() []byte

func (*UploadContext) String 

func (u *UploadContext) String() string

func (*UploadContext) Type 

func (u *UploadContext) Type() string

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.