app.contacts namespace
Subpackages
Submodules
app.contacts.contact_dns module
- class app.contacts.contact_dns.DnsAnswerObj(record_type, dns_class, ttl, data)
Bases:
object- get_bytes(byteorder='big')
- class app.contacts.contact_dns.DnsPacket(transaction_id, flags, num_questions, num_answer_rrs, num_auth_rrs, num_additional_rrs, qname_labels, record_type, dns_class)
Bases:
object- authoritative_resp_flag = 1024
- static generate_packet_from_bytes(data, byteorder='big')
- get_opcode()
- get_response_code()
- has_standard_query()
- is_query()
- is_response()
- opcode_mask = 30720
- opcode_offset = 11
- query_response_flag = 32768
- recursion_available()
- recursion_available_flag = 128
- recursion_desired()
- recursion_desired_flag = 256
- response_code_mask = 15
- truncated()
- truncated_flag = 512
- class app.contacts.contact_dns.DnsRecordType(value, names=None, *, module=None, qualname=None, type=None, start=1, boundary=None)
Bases:
Enum- A = 1
- AAAA = 28
- CNAME = 5
- NS = 2
- TXT = 16
- class app.contacts.contact_dns.DnsResponse(transaction_id, flags, num_questions, num_answer_rrs, num_auth_rrs, num_additional_rrs, qname_labels, record_type, dns_class, answers)
Bases:
DnsPacket- default_ttl = 300
- static generate_response_for_query(dns_query, r_code, answers, authoritative=True, recursion_available=False, truncated=False)
Given DnsPacket query, return response with provided fields. Answers is list of DnsAnswerObj for the given query.
- get_bytes(byteorder='big')
- max_ttl = 86400
- max_txt_size = 255
- min_ttl = 300
- standard_pointer = 49164
- class app.contacts.contact_dns.DnsResponseCodes(value, names=None, *, module=None, qualname=None, type=None, start=1, boundary=None)
Bases:
Enum- NXDOMAIN = 3
- SUCCESS = 0
- class app.contacts.contact_dns.Handler(domain, services, name)
Bases:
DatagramProtocol- class ClientRequestContext(request_id, dns_request, request_contents)
Bases:
object
- class FileUploadRequest(request_id, requesting_paw, directory, filename)
Bases:
object
- class MessageType(value, names=None, *, module=None, qualname=None, type=None, start=1, boundary=None)
Bases:
Enum- Beacon = 'be'
- FileUploadData = 'ud'
- FileUploadRequest = 'ur'
- InstructionDownload = 'id'
- PayloadDataDownload = 'pd'
- PayloadFilenameDownload = 'pf'
- PayloadRequest = 'pr'
- class TunneledMessage(message_id, message_type, num_chunks)
Bases:
object- add_chunk(chunk_index, contents)
- export_contents()
- is_complete()
- connection_made(transport)
Called when a connection is made.
The argument is the transport representing the pipe connection. To receive data, wait for data_received() calls. When the connection is closed, connection_lost() is called.
- datagram_received(data, addr)
Called when some datagram is received.
- async generate_dns_tunneling_response_bytes(data)
app.contacts.contact_ftp module
- class app.contacts.contact_ftp.Contact(services)
Bases:
BaseWorld- check_config()
- async ftp_server_python_new()
- async ftp_server_python_old()
- set_up_server()
- setup_ftp_users()
- async start()
- async stop()
- class app.contacts.contact_ftp.FtpHandler(user, contact_svc, file_svc, logger, host, port, username, password, user_dir)
Bases:
Server- async contact_caldera_server(profile)
- async create_beacon_response(agent, instructions)
- async get_payload_file(payload_dict)
- async handle_agent_file(split_file_path, file_bytes)
- async stor(connection, rest, mode='wb')
- async submit_uploaded_file(paw, filename, data)
- write_file(paw, file_name, contents)
app.contacts.contact_gist module
- class app.contacts.contact_gist.Contact(services)
Bases:
BaseWorld- class GistUpload(upload_id, filename, num_chunks)
Bases:
object- add_chunk(chunk_index, contents)
- export_contents()
- is_complete()
- VALID_TOKEN_FORMATS = ['^[a-fA-F0-9]{40,255}$', '^ghp_[A-Za-z0-9_]{36,251}$']
- async get_beacons()
Retrieve all GIST beacons for a particular api token :return: the beacons
- async get_results()
Retrieve all GIST posted results for a this C2’s api token :return:
- async get_uploads()
Retrieve all GIST posted file uploads for this C2’s api token :return: list of (raw content, gist description, gist filename) tuples for upload GISTs
- async gist_operation_loop()
- async handle_beacons(beacons)
Handles various beacons types (beacon and results)
- async handle_uploads(upload_gist_info)
- retrieve_config()
- async start()
- valid_config(token)
- app.contacts.contact_gist.api_access(func)
app.contacts.contact_html module
app.contacts.contact_http module
app.contacts.contact_slack module
- class app.contacts.contact_slack.Contact(services)
Bases:
BaseWorld- class SlackUpload(upload_id, filename, num_chunks)
Bases:
object- add_chunk(chunk_index, contents)
- export_contents()
- is_complete()
- async get_beacons()
Retrieve all SLACK beacons for a particular api key :return: the beacons
- async get_results()
Retrieve all SLACK posted results for a this C2’s api key :return:
- async get_uploads()
Retrieve all SLACK posted file uploads for this C2’s api key :return: list of (raw content, slack description, slack filename) tuples for upload SLACKs
- async handle_beacons(beacons)
Handles various beacons types (beacon and results)
- async handle_uploads(upload_slack_info)
- retrieve_config()
- async slack_operation_loop()
- async start()
- async valid_config()
- app.contacts.contact_slack.api_access(func)