sdk

package
v0.1.4 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 2, 2026 License: AGPL-3.0 Imports: 13 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	CrashSafe         = "CRASH_SAFE"
	CrashUnsafe       = "CRASH_UNSAFE"
	ServiceRestart    = "SERVICE_RESTART"
	ArtifactsOnDisk   = "ARTIFACTS_ON_DISK"
	IOCInLogs         = "IOC_IN_LOGS"
	ConfigChanges     = "CONFIG_CHANGES"
	RepeatableSession = "REPEATABLE_SESSION"
	AccountLockout    = "ACCOUNT_LOCKOUT_POSSIBLE"
)

Standard stability tags.

Variables

This section is empty.

Functions

func CanCheck 

func CanCheck(mod Exploit) bool

CanCheck returns true if the module implements Checker.

func Dedent 

func Dedent(s string) string

Dedent strips the common leading whitespace from all non-empty lines.

func Errorf 

func Errorf(format string, args ...any) error

Errorf is fmt.Errorf, re-exported so modules don't need to import fmt.

func HasOpt 

func HasOpt(opts []Option, name string) bool

func HasOption 

func HasOption(mod Exploit, name string) bool

HasOption returns true if the module declares an option with the given name.

func NameOf 

func NameOf(mod Exploit) string

NameOf returns the registered name of an exploit.

func Names 

func Names() []string

Names returns all registered exploit names in order.

func Register 

func Register(mod Exploit)

Register adds an exploit to the global registry. The name is derived from the caller's file path relative to modules/. callerSkip controls stack depth: use 0 when calling from init() directly, use 1 when called through an intermediary (like sdk.Register wrapper).

func RegisterEnricher 

func RegisterEnricher(fn OptionEnricher)

func Run 

func Run(mod Exploit, opts ...RunOption)

Run starts a standalone single-module CLI. Requires importing _ "github.com/Chocapikk/pik/pkg/cli" to register the runner.

func SetRunner 

func SetRunner(fn func(Exploit, RunOptions))

SetRunner registers the standalone runner function. Called from pkg/cli's init() to break the import cycle.

func Sprintf 

func Sprintf(format string, args ...any) string

Sprintf is fmt.Sprintf, re-exported so modules don't need to import fmt.

Types

type AuthorRank 

type AuthorRank struct {
	Name    string
	Modules int
	CVEs    int
}

AuthorRank holds contributor statistics.

func Rankings 

func Rankings() []AuthorRank

Rankings returns a sorted leaderboard of exploit authors.

type CheckCode 

type CheckCode int
const (
	CheckUnknown CheckCode = iota
	CheckSafe
	CheckDetected
	CheckAppears
	CheckVulnerable
)

func (CheckCode) IsVulnerable 

func (c CheckCode) IsVulnerable() bool

func (CheckCode) String 

func (c CheckCode) String() string

type CheckResult 

type CheckResult struct {
	Code    CheckCode
	Reason  string
	Details map[string]string // version detected, banner, etc.
}

func Detected 

func Detected(reason string) (CheckResult, error)

func Safe 

func Safe(reason string) (CheckResult, error)

func Unknown 

func Unknown(err error) (CheckResult, error)

func Vulnerable 

func Vulnerable(reason string, details ...string) (CheckResult, error)

Check result constructors - match MSF's CheckCode::Vulnerable() style.

func (CheckResult) FormatReason 

func (r CheckResult) FormatReason() string

type Checker 

type Checker interface {
	Check(run *Context) (CheckResult, error)
}

Checker is an optional interface for modules that support vulnerability checking.

type CmdStager 

type CmdStager interface {
	ExecuteCommand(run *Context, cmd string) error
}

CmdStager is a marker interface for modules that support chunked command delivery. When the runner uses cmdstager mode, it sets commands on the Context via SetCommands(). The module reads them with Commands() and delivers them in its Exploit() method, handling its own setup/teardown.

type Context 

type Context struct {

	// Function hooks injected by the runner.
	SendFn       func(Request) (*Response, error)
	StatusFn     func(string, ...any)
	SuccessFn    func(string, ...any)
	ErrorFn      func(string, ...any)
	WarningFn    func(string, ...any)
	Base64BashFn func(string) string
	CommentFn    func(string) string
	RandTextFn   func(int) string
	// contains filtered or unexported fields
}

Context is the execution context passed to exploits. Provides HTTP, logging, payload helpers, and timing.

func NewContext 

func NewContext(values map[string]string, payload string) *Context

NewContext creates a Context with option values and payload command.

func (*Context) Base64Bash 

func (c *Context) Base64Bash(cmd string) string

func (*Context) Commands 

func (c *Context) Commands() []string

Commands returns the CmdStager commands set by the runner. Empty when in single-shot mode.

func (*Context) CommentTrail 

func (c *Context) CommentTrail(cmd string) string

func (*Context) Elapsed 

func (c *Context) Elapsed(start bool) float64

func (*Context) Error 

func (c *Context) Error(format string, args ...any)

func (*Context) Get 

func (c *Context) Get(key string) string

func (*Context) Payload 

func (c *Context) Payload() string

func (*Context) RandText 

func (c *Context) RandText(n int) string

func (*Context) Send 

func (c *Context) Send(req Request) (*Response, error)

func (*Context) SetCommands 

func (c *Context) SetCommands(cmds []string)

SetCommands is called by the runner to inject CmdStager commands.

func (*Context) SetTarget 

func (c *Context) SetTarget(t Target)

SetTarget is called by the runner to set the active target.

func (*Context) Status 

func (c *Context) Status(format string, args ...any)

func (*Context) Success 

func (c *Context) Success(format string, args ...any)

func (*Context) Target 

func (c *Context) Target() Target

Target returns the selected target from module metadata.

func (*Context) Warning 

func (c *Context) Warning(format string, args ...any)

type Exploit 

type Exploit interface {
	Info() Info
	Options() []Option
	Exploit(run *Context) error
}

Exploit is the interface all modules must implement.

func Get 

func Get(name string) Exploit

Get returns an exploit by full path or short name.

func List 

func List() []Exploit

List returns all registered exploits in registration order. 

func Search(query string) []Exploit

Search returns exploits matching query against name, description, or CVEs.

type Info 

type Info struct {
	Description    string
	Detail         string
	Authors        []string
	DisclosureDate string // "2026-01-15"
	Reliability    Reliability
	Stance         Stance
	Privileged     bool // does exploitation yield privileged access?
	Notes          Notes
	References     []Reference
	Queries        []Query
	Targets        []Target
	DefaultOptions map[string]string
}

func (Info) CVEs 

func (info Info) CVEs() []string

func (Info) Platform 

func (info Info) Platform() string

func (Info) TargetStrings 

func (info Info) TargetStrings() []string

type Notes 

type Notes struct {
	Stability   []string // CRASH_SAFE, CRASH_UNSAFE, SERVICE_RESTART
	SideEffects []string // ARTIFACTS_ON_DISK, IOC_IN_LOGS, CONFIG_CHANGES
	Reliability []string // REPEATABLE_SESSION, UNRELIABLE_SESSION
}

type Option 

type Option struct {
	Name     string
	Type     OptionType // defaults to TypeString if empty
	Default  string
	Desc     string
	Required bool
	Advanced bool
	Enums    []string // valid values for TypeEnum
}

func OptAddress 

func OptAddress(name, def, desc string) Option

func OptAdvanced 

func OptAdvanced(opt Option) Option

OptAdvanced marks any option as advanced.

func OptBool 

func OptBool(name string, def bool, desc string) Option

func OptEnum 

func OptEnum(name, def, desc string, values ...string) Option

func OptInt 

func OptInt(name string, def int, desc string) Option

func OptPort 

func OptPort(name string, def int, desc string) Option

func OptRequired 

func OptRequired(name, def, desc string) Option

func OptString 

func OptString(name, def, desc string) Option

func OptTargetURI 

func OptTargetURI(def string) Option

func ResolveOptions 

func ResolveOptions(mod Exploit) []Option

ResolveOptions returns the full option set: module + enrichers + target defaults + module defaults.

func (Option) Validate 

func (o Option) Validate(val string) error

Validate checks if a value is valid for this option.

type OptionEnricher 

type OptionEnricher func(mod Exploit, opts []Option) []Option

type OptionType 

type OptionType string
const (
	TypeString  OptionType = "string"
	TypeInt     OptionType = "int"
	TypeBool    OptionType = "bool"
	TypePort    OptionType = "port"
	TypePath    OptionType = "path"
	TypeAddress OptionType = "address"
	TypeEnum    OptionType = "enum"
)

type Params 

type Params struct {
	Ctx context.Context
	// contains filtered or unexported fields
}

Params holds the resolved option values for a module run.

func NewParams 

func NewParams(ctx context.Context, values map[string]string) Params

NewParams creates a Params with initial values.

func (Params) Arch 

func (p Params) Arch() string

Arch returns the ARCH parameter, defaulting to "amd64".

func (Params) Clone 

func (p Params) Clone() Params

Clone returns a copy of Params with an independent values map.

func (Params) Get 

func (p Params) Get(key string) string

Get returns the value of a parameter.

func (Params) GetOr 

func (p Params) GetOr(key, def string) string

GetOr returns the value of a parameter, or a default if not set.

func (Params) Int 

func (p Params) Int(key string) int

Int returns the value as an integer, or 0 if not parseable.

func (Params) IntOr 

func (p Params) IntOr(key string, def int) int

IntOr returns the value as an integer, or a default if not parseable.

func (Params) Lhost 

func (p Params) Lhost() string

Lhost returns the LHOST parameter.

func (Params) Lport 

func (p Params) Lport() int

Lport returns the LPORT parameter as an integer.

func (Params) Map 

func (p Params) Map() map[string]string

Map returns a copy of all parameter values.

func (Params) Set 

func (p Params) Set(key, value string)

Set sets a parameter value.

func (Params) Srvhost 

func (p Params) Srvhost() string

Srvhost returns the local bind address. Falls back to LHOST.

func (Params) Srvport 

func (p Params) Srvport() int

Srvport returns the local bind port. Falls back to LPORT.

func (Params) Target 

func (p Params) Target() string

Target returns the TARGET parameter.

func (Params) Tunnel 

func (p Params) Tunnel() string

Tunnel returns the tunnel URL if set.

type Pik 

type Pik struct{}

Pik is the base struct embedded by all modules. It provides default implementations for optional interface methods.

func (Pik) Options 

func (Pik) Options() []Option

Options returns the module's declared options (none by default).

type Query 

type Query struct {
	Engine string
	Dork   string
	Scope  string // optional, e.g. "service" or "leak" for LeakIX
}

Query is a search engine dork for finding targets.

func Censys 

func Censys(dork string) Query

func FOFA 

func FOFA(dork string) Query

func Google 

func Google(dork string) Query

func Hunter 

func Hunter(dork string) Query

func LeakIX 

func LeakIX(dork, scope string) Query

func Shodan 

func Shodan(dork string) Query

func ZoomEye 

func ZoomEye(dork string) Query

func (Query) URL 

func (q Query) URL() string

URL returns the direct search URL for this query.

type RefType 

type RefType string

RefType identifies the kind of reference. 

const (
	RefCVE         RefType = "CVE"
	RefGHSA        RefType = "GHSA"
	RefEDB         RefType = "EDB"
	RefPacketstorm RefType = "PACKETSTORM"
	RefVulnCheck   RefType = "VULNCHECK"
	RefURL         RefType = "URL"
)

type Reference 

type Reference struct {
	Type RefType
	ID   string
}

Reference is a vulnerability reference.

func CVE 

func CVE(id string) Reference

func EDB 

func EDB(id string) Reference

func GHSA 

func GHSA(id string) Reference

func Packetstorm 

func Packetstorm(id string) Reference

func URL 

func URL(u string) Reference

func VulnCheck 

func VulnCheck(slug string) Reference

func (Reference) String 

func (r Reference) String() string

func (Reference) URL 

func (r Reference) URL() string

URL returns the full URL for this reference.

type Reliability 

type Reliability int
const (
	Unstable     Reliability = 0
	Unlikely     Reliability = 100
	Difficult    Reliability = 200
	Typical      Reliability = 300
	Reliable     Reliability = 400
	VeryReliable Reliability = 500
	Certain      Reliability = 600
)

func (Reliability) String 

func (r Reliability) String() string

type Request 

type Request struct {
	Method      string
	Path        string
	Query       Values
	Form        Values
	Body        io.Reader
	ContentType string
	Headers     map[string]string
	Timeout     int // seconds
	NoRedirect  bool
}

Request describes an HTTP request from module code.

type Response 

type Response struct {
	StatusCode int
	Body       io.ReadCloser
	// contains filtered or unexported fields
}

Response is an HTTP response for module code.

func (*Response) ContainsAny 

func (r *Response) ContainsAny(substrs ...string) bool

ContainsAny returns true if the response body contains any of the given substrings.

func (*Response) SetContainsFn 

func (r *Response) SetContainsFn(fn func(...string) bool)

SetContainsFn sets the function used by ContainsAny.

type RunOption added in v0.1.4 

type RunOption func(*RunOptions)

RunOption is a functional option for Run.

func WithConsole added in v0.1.4 

func WithConsole() RunOption

WithConsole enables the interactive console subcommand in standalone binaries.

type RunOptions added in v0.1.4 

type RunOptions struct {
	Console bool // Add interactive console subcommand.
}

RunOptions configures standalone binary behavior.

type Stance 

type Stance string
const (
	Aggressive Stance = "aggressive" // may crash target or leave artifacts
	Passive    Stance = "passive"    // read-only, no side effects
)

type Target 

type Target struct {
	Name           string
	Platform       string
	Type           string // module-defined, e.g. "cmd", "dropper"
	Arches         []string
	DefaultOptions map[string]string // per-target option overrides
}

func TargetLinux 

func TargetLinux(arches ...string) Target

func TargetWindows 

func TargetWindows(arches ...string) Target

func (Target) String 

func (t Target) String() string

func (Target) SupportsArch 

func (t Target) SupportsArch(arch string) bool

type Values 

type Values = map[string][]string

Values is a map of string slices, used for query/form parameters.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.