Documentation
¶
Index ¶
Constants ¶
const ( // PayloadSize is the maximum number of bytes that can be fit inside a C2 Msg object. it will have the added headers before being sent on wire PayloadSize = int(70) // ChunkSize determines how much data each DNS query or response has. after converting the msg of ChunkSize to base32, it shouldn't exceed ~250 bytes ChunkSize = uint8(90) // CompressionThreshold sets the minimum msg size to be compressed. anything lower than this size will be sent uncompressed CompressionThreshold = 1024 * 2 // 2KB )
Variables ¶
var DedupHashTable dedup = make(map[uint64]struct{})
DedupHashTable is an empty map with the hash of the payload as key.
Functions ¶
Types ¶
type CmdType ¶ added in v0.1.0
type CmdType uint8
CmdType defines which type of work this tunnel with be. currently Exec and Echo are supported
type MessagePacket ¶
type MessagePacket struct {
TimeStamp uint32 `struc:"uint32,little"`
PartID PartID `struc:"uint16,little"`
ParentPartID PartID `struc:"uint16,little"`
IsLastPart bool `struc:"bool,little"`
MessageType MsgType `struc:"uint8,little"`
Command CmdType `struc:"uint8,little"`
PayloadLength uint8 `struc:"uint8,little,sizeof=Payload"`
Payload []byte `struc:"[]byte,little"`
}
MessagePacket is the payload that will be on the wire for each DNS query and response
type MessagePacketWithSignature ¶
type MessagePacketWithSignature struct {
Signature *cryptography.PublicKey
Msg MessagePacket
}
MessagePacketWithSignature adds Signature to each packet separetely to help with reconstruction of packets
func CheckMessageIntegrity ¶
func CheckMessageIntegrity(packets []MessagePacketWithSignature) []MessagePacketWithSignature
CheckMessageIntegrity gets a list of packets with their signatures and returns another packet list that are sorted, deduplicated and are complete
func DecryptIncomingPacket ¶
func DecryptIncomingPacket(m *dns.Msg, suffix string, privatekey *cryptography.PrivateKey, publickey *cryptography.PublicKey) ([]MessagePacketWithSignature, bool, error)
DecryptIncomingPacket decrypts the incoming packet and returns the list of messages, a boolean indicating if the message should be skipped, and an error
type MsgType ¶ added in v0.1.0
type MsgType uint8
MsgType defines the type of each message (healtcheck, synctime, execute command etc) This is different from CmdType
type PartID ¶ added in v0.1.0
type PartID uint16
PartID is the ID of each part of a multipart message. ParentPartID is also of this type
func PreparePartitionedPayload ¶
func PreparePartitionedPayload(msg MessagePacket, payload []byte, dnsSuffix string, privateKey *cryptography.PrivateKey, serverPublicKey *cryptography.PublicKey) ([]string, PartID, error)
PreparePartitionedPayload Gets a big payload that needs to be sent over the wire, chops it up into smaller limbs and creates a list of messages to be sent. It also sends the parentPartID to make sure the series of messages are not lost
Source Files