app.contacts namespace
Subpackages
Submodules
app.contacts.contact_dns module
- class app.contacts.contact_dns.DnsAnswerObj(record_type, dns_class, ttl, data)
  Bases: object
  - get_bytes(byteorder='big')
- class app.contacts.contact_dns.DnsPacket(transaction_id, flags, num_questions, num_answer_rrs, num_auth_rrs, num_additional_rrs, qname_labels, record_type, dns_class)
  Bases: object
  - authoritative_resp_flag = 1024
  - static generate_packet_from_bytes(data, byteorder='big')
  - get_opcode()
  - get_response_code()
  - has_standard_query()
  - is_query()
  - is_response()
  - opcode_mask = 30720
  - opcode_offset = 11
  - query_response_flag = 32768
  - recursion_available()
  - recursion_available_flag = 128
  - recursion_desired()
  - recursion_desired_flag = 256
  - response_code_mask = 15
  - truncated()
  - truncated_flag = 512
- class app.contacts.contact_dns.DnsRecordType(value, names=None, *, module=None, qualname=None, type=None, start=1, boundary=None)
  Bases: Enum
  - A = 1
  - AAAA = 28
  - CNAME = 5
  - NS = 2
  - TXT = 16
- class app.contacts.contact_dns.DnsResponse(transaction_id, flags, num_questions, num_answer_rrs, num_auth_rrs, num_additional_rrs, qname_labels, record_type, dns_class, answers)
  Bases: DnsPacket
  - default_ttl = 300
  - static generate_response_for_query(dns_query, r_code, answers, authoritative=True, recursion_available=False, truncated=False)
    Given a DnsPacket query, return a response with the provided fields. answers is a list of DnsAnswerObj for the given query.
  - get_bytes(byteorder='big')
  - max_ttl = 86400
  - max_txt_size = 255
  - min_ttl = 300
  - standard_pointer = 49164
- class app.contacts.contact_dns.DnsResponseCodes(value, names=None, *, module=None, qualname=None, type=None, start=1, boundary=None)
  Bases: Enum
  - NXDOMAIN = 3
  - SUCCESS = 0
- class app.contacts.contact_dns.Handler(domain, services, name)
  Bases: DatagramProtocol
  - class ClientRequestContext(request_id, dns_request, request_contents)
    Bases: object
  - class FileUploadRequest(request_id, requesting_paw, directory, filename)
    Bases: object
  - class MessageType(value, names=None, *, module=None, qualname=None, type=None, start=1, boundary=None)
    Bases: Enum
    - Beacon = 'be'
    - FileUploadData = 'ud'
    - FileUploadRequest = 'ur'
    - InstructionDownload = 'id'
    - PayloadDataDownload = 'pd'
    - PayloadFilenameDownload = 'pf'
    - PayloadRequest = 'pr'
  - class TunneledMessage(message_id, message_type, num_chunks)
    Bases: object
    - add_chunk(chunk_index, contents)
    - export_contents()
    - is_complete()
  - connection_made(transport)
    Called when a connection is made.
    The argument is the transport representing the pipe connection. To receive data, wait for data_received() calls. When the connection is closed, connection_lost() is called.
  - datagram_received(data, addr)
    Called when some datagram is received.
  - async generate_dns_tunneling_response_bytes(data)
app.contacts.contact_ftp module
- class app.contacts.contact_ftp.Contact(services)
  Bases: BaseWorld
  - check_config()
  - async ftp_server_python_new()
  - async ftp_server_python_old()
  - set_up_server()
  - setup_ftp_users()
  - async start()
  - async stop()
- class app.contacts.contact_ftp.FtpHandler(user, contact_svc, file_svc, logger, host, port, username, password, user_dir)
  Bases: Server
  - async contact_caldera_server(profile)
  - async create_beacon_response(agent, instructions)
  - async get_payload_file(payload_dict)
  - async handle_agent_file(split_file_path, file_bytes)
  - async stor(connection, rest, mode='wb')
  - async submit_uploaded_file(paw, filename, data)
  - write_file(paw, file_name, contents)
app.contacts.contact_gist module
- class app.contacts.contact_gist.Contact(services)
  Bases: BaseWorld
  - class GistUpload(upload_id, filename, num_chunks)
    Bases: object
    - add_chunk(chunk_index, contents)
    - export_contents()
    - is_complete()
  - VALID_TOKEN_FORMATS = ['^[a-fA-F0-9]{40,255}$', '^ghp_[A-Za-z0-9_]{36,251}$']
  - async get_beacons()
    Retrieve all GIST beacons for a particular API token.
    :return: the beacons
  - async get_results()
    Retrieve all GIST posted results for this C2's API token.
    :return:
  - async get_uploads()
    Retrieve all GIST posted file uploads for this C2's API token.
    :return: list of (raw content, gist description, gist filename) tuples for upload GISTs
  - async gist_operation_loop()
  - async handle_beacons(beacons)
    Handles various beacon types (beacon and results).
  - async handle_uploads(upload_gist_info)
  - retrieve_config()
  - async start()
  - valid_config(token)
- app.contacts.contact_gist.api_access(func)
app.contacts.contact_html module
app.contacts.contact_http module
app.contacts.contact_slack module
- class app.contacts.contact_slack.Contact(services)
  Bases: BaseWorld
  - class SlackUpload(upload_id, filename, num_chunks)
    Bases: object
    - add_chunk(chunk_index, contents)
    - export_contents()
    - is_complete()
  - async get_beacons()
    Retrieve all SLACK beacons for a particular API key.
    :return: the beacons
  - async get_results()
    Retrieve all SLACK posted results for this C2's API key.
    :return:
  - async get_uploads()
    Retrieve all SLACK posted file uploads for this C2's API key.
    :return: list of (raw content, slack description, slack filename) tuples for upload SLACKs
  - async handle_beacons(beacons)
    Handles various beacon types (beacon and results).
  - async handle_uploads(upload_slack_info)
  - retrieve_config()
  - async slack_operation_loop()
  - async start()
  - async valid_config()
- app.contacts.contact_slack.api_access(func)