attacks

package
v0.0.0-...-e4ba71b Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 24, 2025 License: Apache-2.0 Imports: 15 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var Attach bool = false

Set to true if the tool should attach to a pre-existing chrome session (needed to easily bypass bot detection sometimes)

View Source 
var AttachUrl string = ""

Chrome url to attach to

View Source 
var EXFIL_RESULT string
View Source 
var GLOBAL_RESULT string
View Source 
var SHARED_RESULT []byte

Functions

func PasskeyVisit 

func PasskeyVisit(attack *PasskeyAttack, comm chan string)

func QrProxyVisit 

func QrProxyVisit(attack *QrProxyAttack, comm *chan []byte, attackResult AttackResult)

func RegexExtract 

func RegexExtract(content, pattern string) string

func StartAttachedSession 

func StartAttachedSession()

Used only in special cases for PoCs, does not support concurrency

func Visit 

func Visit(attack *Attack, comm chan AttackResult)

Types

type Attack 

type Attack struct {
	Url                 string                                                          // Main Url to visit
	RedirectURL         string                                                          // URL to redirect victim to (for higher impact)
	Actions             []chromedp.Action                                               // Actions of the headless browser
	CustomExtraction    func(string, string) string                                     // Custom action to extract the deep link
	RequestInterception func(ev *fetch.EventRequestPaused) *fetch.ContinueRequestParams // Action to modify request to get deep link
	Path                string                                                          // Path to host attack on
	Fixed               bool                                                            // Attack is fixed
	Type                AttackType                                                      // Type of attack
	CustomBrowserFlags  []chromedp.ExecAllocatorOption                                  // Custom flags to pass to the headless browser
	ExfiltrationSteps   []chromedp.Action                                               // Headless browsers steps to be taken to exfiltrate data (not required)
	ExfilArea           string                                                          // XPath for text to extract out of the page after exfiltration steps
	MimicUserAgent      bool                                                            // If the authentication request should be made mirroring the user agent observed from the victim
}

func DemoAbleAttacks 

func DemoAbleAttacks() []Attack

func (Attack) Result 

func (a Attack) Result(deepLink string) AttackResult

type AttackResult 

type AttackResult struct {
	Id           string
	DeepLink     string
	ExfilChannel chan string
}

func NewAttackResult 

func NewAttackResult(deepLink string) AttackResult

type AttackType 

type AttackType struct {
	Name      string
	Regex     string // Regex matching the desired deep link
	Prefix    string // Deep link prefix needed when rebuilding deep links
	ReturnArg string // Some protocols embed a "return" query parameter, if you want to play with that, set the return arg to the name of that parameter
}
var BankIDAttack AttackType = AttackType{
	Name:      "bankid",
	Regex:     `(bankid:\/\/\/)?\?autostarttoken=[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}&redirect=(\w+)?`,
	Prefix:    "bankid:///",
	ReturnArg: "redirect",
}

func (*AttackType) Extract 

func (at *AttackType) Extract(content string) string

Extracts the deep link using attack details

func (*AttackType) ModifyReturn 

func (at *AttackType) ModifyReturn(url, replace string) string

Modifies the return argument when provided

type PasskeyAttack 

type PasskeyAttack struct {
	Url                string                         // Main Url to visit
	Actions            []chromedp.Action              // Actions of the headless browser
	Path               string                         // Path to host attack on
	CustomBrowserFlags []chromedp.ExecAllocatorOption // Custom flags to pass to the headless browser
	AddDiscoverable    bool                           // Will add the discoverable flag set to true to the FIDO:/ uri
}

func PasskeyProxyAttacks 

func PasskeyProxyAttacks() []PasskeyAttack

type QrProxyAttack 

type QrProxyAttack struct {
	Url                string                         // Main Url to visit
	Length             int                            // Length of attack in milliseconds
	Sleep              int                            // Milliseconds to wait after reaching target QR code page to start taking screenshots
	Actions            []chromedp.Action              // Actions of the headless browser
	Path               string                         // Path to host attack on
	CustomBrowserFlags []chromedp.ExecAllocatorOption // Custom flags to pass to the headless browser
	QRCodeXPath        string                         // XPATH of the qr-code element
	ExfilArea          string                         // XPath for text to extract out of the page after auth
}

func DemoQRProxyAttacks 

func DemoQRProxyAttacks() []QrProxyAttack

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.