Documentation
¶
Constants ¶
This section is empty.
Variables ¶
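var (
	// StoredXSSDosCmd runs the stored XSS vulnerability found after DEF CON 30
	// (reported by the command as "stored XSS vulnerability #2").
	//
	// Run reads login_url, repo_path, headless and payload from viper, loads
	// the red-user credentials with GetRedCreds, starts Chrome through
	// setupChrome, logs in with Login and finally hands the payload to
	// storedXSSDosVuln.
	StoredXSSDosCmd = &cobra.Command{
		Use:   "StoredXSSDos",
		Short: "Stored XSS found in addition to the previously reported one",
		Run: func(cmd *cobra.Command, args []string) {
			fmt.Println(color.YellowString(
				"Introducing stored XSS vulnerability #2, please wait..."))

			caldera.URL = viper.GetString("login_url")
			caldera.RepoPath = viper.GetString("repo_path")
			caldera.Creds, err = GetRedCreds(caldera.RepoPath)
			if err != nil {
				log.WithError(err).Errorf(
					"failed to get Caldera credentials: %v", err)
				os.Exit(1)
			}

			caldera.Driver.Headless = viper.GetBool("headless")
			driver, cancels, err := setupChrome(caldera)
			if err != nil {
				log.WithError(err).Error("failed to setup Chrome")
				os.Exit(1)
			}
			defer cancelAll(cancels)
			caldera.Driver = driver

			caldera, err = Login(caldera)
			if err != nil {
				log.WithError(err).Error("failed to login to caldera")
				// os.Exit does not run deferred calls, so the Chrome
				// cancel functions are invoked explicitly before exiting.
				cancelAll(cancels)
				os.Exit(1)
			}

			caldera.Payload = viper.GetString("payload")
			// A failure here is only logged (with the payload attached as a
			// field); Run then returns normally, unlike the os.Exit(1)
			// paths above.
			if err = storedXSSDosVuln(caldera.Payload); err != nil {
				log.WithError(err).WithFields(log.Fields{
					"Payload": caldera.Payload,
				}).Error(color.RedString(err.Error()))
			}
		},
	}
)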
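var (
	// StoredXSSUnoCmd runs the first stored XSS vulnerability (reported by the
	// command as "stored XSS vulnerability #1").
	//
	// NOTE(review): the previous comment dated the finding "before DEF CON 30"
	// while Short says "during DEF CON 30"; confirm which is accurate.
	//
	// Run reads login_url, repo_path, headless and payload from viper, loads
	// the red-user credentials with GetRedCreds, starts Chrome through
	// setupChrome, logs in with Login and finally hands the payload to
	// storedXSSUnoVuln.
	StoredXSSUnoCmd = &cobra.Command{
		Use:   "StoredXSSUno",
		Short: "Stored XSS found during DEF CON 30.",
		Run: func(cmd *cobra.Command, args []string) {
			fmt.Println(color.YellowString(
				"Introducing stored XSS vulnerability #1, please wait..."))

			caldera.URL = viper.GetString("login_url")
			caldera.RepoPath = viper.GetString("repo_path")
			caldera.Creds, err = GetRedCreds(caldera.RepoPath)
			if err != nil {
				log.WithError(err).Errorf(
					"failed to get Caldera credentials: %v", err)
				os.Exit(1)
			}

			caldera.Driver.Headless = viper.GetBool("headless")
			driver, cancels, err := setupChrome(caldera)
			if err != nil {
				log.WithError(err).Error("failed to setup Chrome")
				os.Exit(1)
			}
			defer cancelAll(cancels)
			caldera.Driver = driver

			caldera, err = Login(caldera)
			if err != nil {
				log.WithError(err).Error("failed to login to caldera")
				// os.Exit does not run deferred calls, so the Chrome
				// cancel functions are invoked explicitly before exiting.
				cancelAll(cancels)
				os.Exit(1)
			}

			caldera.Payload = viper.GetString("payload")
			// A failure here is only logged (with the payload attached as a
			// field); Run then returns normally, unlike the os.Exit(1)
			// paths above.
			if err = storedXSSUnoVuln(caldera.Payload); err != nil {
				log.WithError(err).WithFields(log.Fields{
					"Payload": caldera.Payload,
				}).Error(color.RedString(err.Error()))
			}
		},
	}
)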
var (
	// TestEnvCmd creates or destroys a docker compose test environment from
	// inside the Caldera repository configured as repo_path.
	//
	// Exactly one action runs per invocation, chosen in this order of
	// precedence: --vuln (CreateTestEnvVuln), --destroy (DestroyTestEnv),
	// --recent (CreateTestEnvRecent). With none of them set the command only
	// changes into the repository and back.
	TestEnvCmd = &cobra.Command{
		Use:   "TestEnv",
		Short: "Create/Destroy test environment",
		Long:  `Facilitate the creation or destruction of a test environment using docker compose.`,
		Run: func(cmd *cobra.Command, args []string) {
			// Flag lookup errors are discarded, so a flag that cannot be
			// read is treated as false.
			flags := cmd.Flags()
			wantVuln, _ := flags.GetBool("vuln")
			wantRecent, _ := flags.GetBool("recent")
			wantDestroy, _ := flags.GetBool("destroy")

			// Remember where we started so the working directory can be
			// restored once the action has finished.
			startDir := goutils.Gwd()

			caldera.RepoPath = viper.GetString("repo_path")
			enterErr := goutils.Cd(caldera.RepoPath)
			if enterErr != nil {
				log.WithError(enterErr).WithFields(log.Fields{
					"Repo Path": caldera.RepoPath,
				}).Error("failed to navigate to the caldera repo")
				os.Exit(1)
			}

			switch {
			case wantVuln:
				err = CreateTestEnvVuln()
				if err != nil {
					log.WithError(err).Error("failed to create vulnerable test environment")
					os.Exit(1)
				}
			case wantDestroy:
				err = DestroyTestEnv()
				if err != nil {
					log.WithError(err).Error("failed to destroy test environment")
					os.Exit(1)
				}
			case wantRecent:
				err = CreateTestEnvRecent()
				if err != nil {
					log.WithError(err).Error("failed to create recent test environment")
					os.Exit(1)
				}
			}

			leaveErr := goutils.Cd(startDir)
			if leaveErr != nil {
				log.WithError(leaveErr).WithFields(log.Fields{
					"Current Working Directory": startDir,
				}).Error("failed to navigate back from the caldera repo")
				os.Exit(1)
			}
		},
	}
)
Functions ¶
func CreateTestEnvRecent ¶
func CreateTestEnvRecent() error
CreateTestEnvRecent deploys the most recent version of Caldera using docker compose.
func CreateTestEnvVuln ¶
func CreateTestEnvVuln() error
CreateTestEnvVuln deploys an insecure version of Caldera using docker compose.
func DestroyTestEnv ¶
func DestroyTestEnv() error
DestroyTestEnv destroys a CALDERA deployment created using docker compose.
Types ¶
type Caldera ¶
// Caldera contains parameters associated with MITRE CALDERA.
//
// NOTE(review): the struct embeds Creds, so log individual fields rather
// than the whole value (the commands in this package log only Payload).
type Caldera struct {
// Creds holds the credentials used to access CALDERA; the commands in this
// package fill it from GetRedCreds.
Creds Credentials
// Driver holds the ChromeDP parameters; the commands set Driver.Headless
// and then replace Driver with the value returned by setupChrome.
Driver ChromeDP
// HomeURL is not referenced by the commands shown in this package listing;
// presumably the post-login landing page - TODO confirm.
HomeURL string
// RepoPath is the Caldera repository path, read from the "repo_path"
// setting and passed to GetRedCreds and goutils.Cd.
RepoPath string
// URL is read from the "login_url" setting.
URL string
// Payload is the string read from the "payload" setting and handed to the
// storedXSS*Vuln helpers. It is a plain string, distinct from the Payload
// struct type declared in this package.
Payload string
}
Caldera contains parameters associated with MITRE CALDERA.
type ChromeDP ¶
// ChromeDP contains parameters associated with running ChromeDP.
type ChromeDP struct {
// Context is the context carried with the driver; presumably the chromedp
// browser context created by setupChrome - TODO confirm.
Context context.Context
// Options points at the chromedp exec-allocator options for the browser.
Options *[]chromedp.ExecAllocatorOption
// Headless is set by the commands from the "headless" setting before
// setupChrome is called.
Headless bool
}
ChromeDP contains parameters associated with running ChromeDP.
type Credentials ¶
Credentials contains the credentials to access CALDERA.
func GetRedCreds ¶
func GetRedCreds(calderaPath string) (Credentials, error)
GetRedCreds navigates to the input calderaPath to retrieve the red user credentials for MITRE CALDERA.
type Payload ¶
// Payload is used to represent the POST body associated with the source for
// the attack. Each field is serialised under the JSON key given in its tag.
//
// NOTE(review): the field meanings below are inferred from the names and
// tags only; verify them against the endpoint that receives this body.
type Payload struct {
// Name is sent as "name".
Name string `json:"name"`
// AutoClose is sent as "auto_close".
AutoClose bool `json:"auto_close"`
// State is sent as "state".
State string `json:"state"`
// Autonomous is sent as "autonomous"; note it is an int, not a bool.
Autonomous int `json:"autonomous"`
// UseLearningParsers is sent as "use_learning_parsers".
UseLearningParsers bool `json:"use_learning_parsers"`
// Obfuscator is sent as "obfuscator".
Obfuscator string `json:"obfuscator"`
// Jitter is sent as "jitter"; it is a string here, so the expected format
// is defined by the receiving side - TODO confirm.
Jitter string `json:"jitter"`
// Visibility is sent as "visibility"; also a string rather than a number.
Visibility string `json:"visibility"`
}
Payload is used to represent the POST body associated with the source for the attack.