app.contacts namespace¶
Subpackages¶
Submodules¶
app.contacts.contact_dns module¶
-
class
app.contacts.contact_dns.
Contact
(services)¶ Bases:
app.utility.base_world.BaseWorld
-
async
start
()¶
-
async
-
class
app.contacts.contact_dns.
DnsAnswerObj
(record_type, dns_class, ttl, data)¶ Bases:
object
-
get_bytes
(byteorder='big')¶
-
-
class
app.contacts.contact_dns.
DnsPacket
(transaction_id, flags, num_questions, num_answer_rrs, num_auth_rrs, num_additional_rrs, qname_labels, record_type, dns_class)¶ Bases:
object
-
static
generate_packet_from_bytes
(data, byteorder='big')¶
-
get_opcode
()¶
-
get_response_code
()¶
-
has_standard_query
()¶
-
is_query
()¶
-
is_response
()¶
-
opcode_mask
= 30720¶
-
opcode_offset
= 11¶
-
query_response_flag
= 32768¶
-
recursion_available
()¶
-
recursion_available_flag
= 128¶
-
recursion_desired
()¶
-
recursion_desired_flag
= 256¶
-
response_code_mask
= 15¶
-
truncated
()¶
-
truncated_flag
= 512¶
-
static
-
class
app.contacts.contact_dns.
DnsRecordType
¶ Bases:
enum.Enum
An enumeration.
-
A
= 1¶
-
AAAA
= 28¶
-
CNAME
= 5¶
-
NS
= 2¶
-
TXT
= 16¶
-
-
class
app.contacts.contact_dns.
DnsResponse
(transaction_id, flags, num_questions, num_answer_rrs, num_auth_rrs, num_additional_rrs, qname_labels, record_type, dns_class, answers)¶ Bases:
app.contacts.contact_dns.DnsPacket
-
default_ttl
= 300¶
-
static
generate_response_for_query
(dns_query, r_code, answers, authoritative=True, recursion_available=False, truncated=False)¶ Given a DnsPacket query, return a response with the provided fields. answers is a list of DnsAnswerObj for the given query.
-
get_bytes
(byteorder='big')¶
-
max_ttl
= 86400¶
-
max_txt_size
= 255¶
-
min_ttl
= 300¶
-
standard_pointer
= 49164¶
-
-
class
app.contacts.contact_dns.
DnsResponseCodes
¶ Bases:
enum.Enum
An enumeration.
-
NXDOMAIN
= 3¶
-
SUCCESS
= 0¶
-
-
class
app.contacts.contact_dns.
Handler
(domain, services, name)¶ Bases:
asyncio.protocols.DatagramProtocol
-
class
ClientRequestContext
(request_id, dns_request, request_contents)¶ Bases:
object
-
class
FileUploadRequest
(request_id, requesting_paw, directory, filename)¶ Bases:
object
-
class
MessageType
¶ Bases:
enum.Enum
An enumeration.
-
Beacon
= 'be'¶
-
FileUploadData
= 'ud'¶
-
FileUploadRequest
= 'ur'¶
-
InstructionDownload
= 'id'¶
-
PayloadDataDownload
= 'pd'¶
-
PayloadFilenameDownload
= 'pf'¶
-
PayloadRequest
= 'pr'¶
-
-
class
TunneledMessage
(message_id, message_type, num_chunks)¶ Bases:
object
-
add_chunk
(chunk_index, contents)¶
-
export_contents
()¶
-
is_complete
()¶
-
-
connection_made
(transport)¶ Called when a connection is made.
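The argument is the transport representing the pipe connection. To receive data, wait for data_received() calls. When the connection is closed, connection_lost() is called. (This text is the generic asyncio protocol docstring; Handler is a DatagramProtocol, so incoming data arrives through datagram_received().)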
-
datagram_received
(data, addr)¶ Called when some datagram is received.
-
async
generate_dns_tunneling_response_bytes
(data)¶
-
class
app.contacts.contact_ftp module¶
-
class
app.contacts.contact_ftp.
Contact
(services)¶ Bases:
app.utility.base_world.BaseWorld
-
check_config
()¶
-
async
ftp_server_python_new
()¶
-
async
ftp_server_python_old
()¶
-
set_up_server
()¶
-
setup_ftp_users
()¶
-
async
start
()¶
-
async
stop
()¶
-
-
class
app.contacts.contact_ftp.
FtpHandler
(user, contact_svc, file_svc, logger, host, port, username, password, user_dir)¶ Bases:
aioftp.server.Server
-
async
contact_caldera_server
(profile)¶
-
async
create_beacon_response
(agent, instructions)¶
-
async
get_payload_file
(payload_dict)¶
-
async
handle_agent_file
(split_file_path, file_bytes)¶
-
async
stor
(connection, rest, mode='wb')¶
-
async
submit_uploaded_file
(paw, filename, data)¶
-
write_file
(paw, file_name, contents)¶
-
async
app.contacts.contact_gist module¶
-
class
app.contacts.contact_gist.
Contact
(services)¶ Bases:
app.utility.base_world.BaseWorld
-
class
GistUpload
(upload_id, filename, num_chunks)¶ Bases:
object
-
add_chunk
(chunk_index, contents)¶
-
export_contents
()¶
-
is_complete
()¶
-
-
VALID_TOKEN_FORMATS
= ['^[a-fA-F0-9]{40,255}$', '^ghp_[A-Za-z0-9_]{36,251}$']¶
-
async
get_beacons
()¶ Retrieve all GIST beacons for a particular api token :return: the beacons
-
async
get_results
()¶ Retrieve all GIST posted results for this C2’s API token :return:
-
async
get_uploads
()¶ Retrieve all GIST posted file uploads for this C2’s api token :return: list of (raw content, gist description, gist filename) tuples for upload GISTs
-
async
gist_operation_loop
()¶
-
async
handle_beacons
(beacons)¶ Handles various beacon types (beacon and results)
-
async
handle_uploads
(upload_gist_info)¶
-
retrieve_config
()¶
-
async
start
()¶
-
valid_config
(token)¶
-
class
-
app.contacts.contact_gist.
api_access
(func)¶
app.contacts.contact_html module¶
-
class
app.contacts.contact_html.
Contact
(services)¶ Bases:
app.utility.base_world.BaseWorld
-
async
start
()¶
-
async
app.contacts.contact_http module¶
-
class
app.contacts.contact_http.
Contact
(services)¶ Bases:
app.utility.base_world.BaseWorld
-
async
start
()¶
-
async
app.contacts.contact_slack module¶
-
class
app.contacts.contact_slack.
Contact
(services)¶ Bases:
app.utility.base_world.BaseWorld
-
class
SlackUpload
(upload_id, filename, num_chunks)¶ Bases:
object
-
add_chunk
(chunk_index, contents)¶
-
export_contents
()¶
-
is_complete
()¶
-
-
async
get_beacons
()¶ Retrieve all SLACK beacons for a particular api key :return: the beacons
-
async
get_results
()¶ Retrieve all SLACK posted results for this C2’s API key :return:
-
async
get_uploads
()¶ Retrieve all SLACK posted file uploads for this C2’s api key :return: list of (raw content, slack description, slack filename) tuples for upload SLACKs
-
async
handle_beacons
(beacons)¶ Handles various beacon types (beacon and results)
-
async
handle_uploads
(upload_slack_info)¶
-
retrieve_config
()¶
-
async
slack_operation_loop
()¶
-
async
start
()¶
-
async
valid_config
()¶
-
class
-
app.contacts.contact_slack.
api_access
(func)¶
app.contacts.contact_tcp module¶
-
class
app.contacts.contact_tcp.
Contact
(services)¶ Bases:
app.utility.base_world.BaseWorld
-
async
operation_loop
()¶
-
async
start
()¶
-
async
-
class
app.contacts.contact_tcp.
TcpSessionHandler
(services, log)¶ Bases:
app.utility.base_world.BaseWorld
-
async
accept
(reader, writer)¶
-
async
refresh
()¶
-
async
send
(session_id: int, cmd: str, timeout: int = 60) → Tuple[int, str, str, str]¶
-
async
app.contacts.contact_udp module¶
-
class
app.contacts.contact_udp.
Contact
(services)¶ Bases:
app.utility.base_world.BaseWorld
-
async
start
()¶
-
async