Documentation
¶
Index ¶
- type Agent
- func (a *Agent) AddLink(link uuid.UUID)
- func (a *Agent) Alive() bool
- func (a *Agent) Authenticated() bool
- func (a *Agent) Build() Build
- func (a *Agent) Comms() Comms
- func (a *Agent) Host() Host
- func (a *Agent) ID() uuid.UUID
- func (a *Agent) Initial() time.Time
- func (a *Agent) Links() []uuid.UUID
- func (a *Agent) Listener() uuid.UUID
- func (a *Agent) Log(message string)
- func (a *Agent) Note() string
- func (a *Agent) OPAQUE() *opaque.Server
- func (a *Agent) Padding() int
- func (a *Agent) Process() Process
- func (a *Agent) RemoveLink(link uuid.UUID)
- func (a *Agent) ResetOPAQUE()
- func (a *Agent) Secret() []byte
- func (a *Agent) SetAuthenticated(authenticated bool)
- func (a *Agent) SetSecret(secret []byte)
- func (a *Agent) StatusCheckin() time.Time
- func (a *Agent) UpdateAlive(alive bool)
- func (a *Agent) UpdateAuthenticated(authenticated bool)
- func (a *Agent) UpdateBuild(build Build)
- func (a *Agent) UpdateComms(comms Comms)
- func (a *Agent) UpdateHost(host Host)
- func (a *Agent) UpdateInitial(initial time.Time)
- func (a *Agent) UpdateListener(listener uuid.UUID)
- func (a *Agent) UpdateNote(note string)
- func (a *Agent) UpdateOPAQUE(opaque *opaque.Server)
- func (a *Agent) UpdateProcess(process Process)
- func (a *Agent) UpdateStatusCheckin(checkin time.Time)
- type Build
- type Comms
- type Host
- type Process
- type Repository
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Agent ¶
type Agent struct {
// contains filtered or unexported fields
}
Agent is an aggregate structure that holds information about Agent's the server is communicating with
func NewAgent ¶
func NewAgent(id uuid.UUID, secret []byte, opaque *opaque.Server, initial time.Time) (agent Agent, err error)
NewAgent is a factory to create and return an Agent structure based on the provided inputs
func (*Agent) Alive ¶
Alive returns true if the Agent is actively in use and false if the agent has been killed or removed
func (*Agent) Authenticated ¶
Authenticated checks to see if the agent has successfully completed authentication
func (*Agent) Build ¶
Build returns the Agent's embedded Build entity structure Contains the agent's build and version number
func (*Agent) Comms ¶
Comms returns the Agent's embedded Comms entity structure Contains things like kill date, message padding size, transport protocol, skew, and sleep time
func (*Agent) Host ¶
Host returns the Agent's embedded Host entity structure Contains information about the host the Agent is running on such as hostname, operating system, architecture, and IP addresses
func (*Agent) Links ¶
Links returns a list of linked Agent IDs where this agent is the parent and the list of Agents are the children
func (*Agent) Listener ¶
Listener returns the unique identifier of the Listener that the agent belongs to The associated listener determines Agent traffic encryption/encoding and delivery mechanism
func (*Agent) Process ¶
Process returns the Agent's embedded Process entity structure Contains information about the process the Agent is running in/as such as process ID, name, username, domain, and integrity level
func (*Agent) RemoveLink ¶
RemoveLink deletes the child Agent link from the list of linked Agents
func (*Agent) ResetOPAQUE ¶
func (a *Agent) ResetOPAQUE()
ResetOPAQUE resets the Agent's embedded OPAQUE server structure to nil
func (*Agent) Secret ¶
Secret returns the Agent's secret key, typically used to encrypt/decrypt messages
func (*Agent) SetAuthenticated ¶
SetAuthenticated updates that Agent's authenticated field, typically once authentication has completed
func (*Agent) StatusCheckin ¶
StatusCheckin returns a time stamp of when the agent last checked in
func (*Agent) UpdateAlive ¶
UpdateAlive updates the Agent's alive status to the provided value
func (*Agent) UpdateAuthenticated ¶
UpdateAuthenticated updates the Agent's authentication status to the provided value
func (*Agent) UpdateBuild ¶
UpdateBuild updates the Agent's embedded Build entity structure with the provided structure
func (*Agent) UpdateComms ¶
UpdateComms updates the Agent's embedded Comms entity structure with the provided structure
func (*Agent) UpdateHost ¶
UpdateHost updates the Agent's embedded Host entity structure with the provided structure
func (*Agent) UpdateInitial ¶
UpdateInitial updates the time stamp for when the Agent was first seen
func (*Agent) UpdateListener ¶
UpdateListener updates the listener ID the Agent belongs to
func (*Agent) UpdateNote ¶
UpdateNote update the Agent's note field with the provided message
func (*Agent) UpdateOPAQUE ¶
UpdateOPAQUE updates the Agent's embedded OPAQUE server structure with the provided structure
func (*Agent) UpdateProcess ¶
UpdateProcess updates the Agent's embedded Process entity structure with the provided structure
func (*Agent) UpdateStatusCheckin ¶
UpdateStatusCheckin updates the time stamp for when the Agent last checked in
type Build ¶
type Build struct {
Build string // The agent's build hash
Version string // The agent's version number
}
Build is a structure that holds information about an Agent's compiled build hash and the Agent's version number
type Comms ¶
type Comms struct {
Failed int // The number of times the agent has failed to check in
JA3 string // The ja3 signature applied to the agent's TLS client
Kill int64 // The epoch date and time that the agent will kill itself and quit running
Padding int // The maximum amount of padding that will be appended to the Base message
Proto string // The protocol the agent is using to communicate with the server
Retry int // The maximum amount of times an agent will retry to check in before exiting
Skew int64 // The amount of skew, or jitter, used to calculate the check in time
Wait string // The amount of time the agent waits before trying to check in
}
Comms is a structure that holds information about an Agent's communication profile
type Host ¶
type Host struct {
Architecture string // The operating system architecture the agent is running on (e.g., x86 or x64)
Name string // The host name the agent is running on
Platform string // The platform, or operating system, the agent is running on
IPs []string // A list of interface IP addresses on the host where the agent is running
}
Host is a structure that holds information about the Host operating system an Agent is running on
type Process ¶
type Process struct {
ID int // The process ID that the agent is running in
Integrity int // The integrity level of the process the agent is running in
Name string // The process name that the agent is running in
UserGUID string // The GUID of the user that the agent is running as
UserName string // The username that the agent is running as
Domain string // The domain the user running the process belongs to
}
Process is a structure that holds information about the Process the Agent is running in/as
type Repository ¶
type Repository interface {
Add(agent Agent) error
Get(id uuid.UUID) (Agent, error)
GetAll() (agents []Agent)
Remove(id uuid.UUID) error
Log(id uuid.UUID, message string) error
Update(agent Agent) error
UpdateAlive(id uuid.UUID, alive bool) error
UpdateAuthenticated(id uuid.UUID, authenticated bool) error
UpdateBuild(id uuid.UUID, build Build) error
UpdateComms(id uuid.UUID, comms Comms) error
UpdateHost(id uuid.UUID, host Host) error
UpdateInitial(id uuid.UUID, t time.Time) (err error)
UpdateListener(id, listener uuid.UUID) error
UpdateProcess(id uuid.UUID, process Process) error
UpdateNote(id uuid.UUID, note string) error
UpdateStatusCheckin(id uuid.UUID, t time.Time) (err error)
AddLinkedAgent(id uuid.UUID, link uuid.UUID) error
RemoveLinkedAgent(id uuid.UUID, link uuid.UUID) error
}
Repository is an interface used to add, get, or update Agents from a data source
Source Files
Directories