Documentation ¶
Overview ¶
Package coldfire is a framework that provides functions for malware development that are mostly compatible with Linux and Windows operating systems.
Index ¶
- Variables
- func AddPersistentCommand(cmd string) error
- func Alloc(size string)
- func B64D(str string) string
- func B64E(str string) string
- func BannerGrab(target string, port int) (string, error)
- func Bind(port int)
- func ClearLogs() error
- func CmdBlind(command string)
- func CmdDir(dirs_cmd map[string]string) ([]string, error)
- func CmdOut(command string) (string, error)
- func CmdOutPlatform(commands map[string]string) (string, error)
- func CmdRun(command string)
- func Contains(s interface{}, elem interface{}) bool
- func ContainsAny(str string, elements []string) bool
- func CopyFile(src, dst string) error
- func CreateWordlist(words []string) []string
- func CredentialsSniff(ifac, interval string, collector chan string, words []string) error
- func DecryptBytes(encrypted_message []byte, key []byte) []byte
- func Disks() ([]string, error)
- func DnsLookup(hostname string) ([]string, error)
- func Download(url string) error
- func EncryptBytes(secret_message []byte, key []byte) []byte
- func EraseMbr(device string, partition_table bool) error
- func Exists(file string) bool
- func ExitOnError(e error)
- func ExpandCidr(cidr string) ([]string, error)
- func ExtractIntFromString(s string) []int
- func F(str string, arg ...interface{}) string
- func FilePermissions(filename string) (bool, bool)
- func FileToSlice(file string) []string
- func FilesPattern(directory, pattern string) (map[string]string, error)
- func Forkbomb()
- func FullRemove(str string, to_remove string) string
- func GenCpuLoad(cores int, interval string, percentage int)
- func GenerateIV() []byte
- func GenerateKey() []byte
- func GetGatewayIP() string
- func GetGlobalIp() string
- func GetLocalIp() string
- func GetNgrokURL() (string, error)
- func Iface() (string, string)
- func Ifaces() []string
- func Info() map[string]string
- func IntToStr(i int) string
- func IntervalToSeconds(interval string) int
- func IpIncrement(ip net.IP)
- func IsRoot() bool
- func KillProcByPID(pid int) error
- func MD5Hash(str string) string
- func MakeZip(zip_file string, files []string) error
- func Networks() ([]string, error)
- func PkillAv() error
- func PkillName(name string) error
- func PkillPid(pid int) error
- func Portscan(target string, timeout, threads int) (pr []int)
- func PortscanSingle(target string, port int) bool
- func PrintError(msg string)
- func PrintGood(msg string)
- func PrintInfo(msg string)
- func PrintWarning(msg string)
- func Processes() (map[int]string, error)
- func RandomInt(min int, max int) int
- func RandomSelectInt(list []int) int
- func RandomSelectStr(list []string) string
- func RandomSelectStrNested(list [][]string) []string
- func RandomString(n int) string
- func RdnsLookup(ip string) ([]string, error)
- func ReadFile(filename string) (string, error)
- func RegexMatch(regex_type, str string) bool
- func Remove()
- func RemoveDuplicatesInt(slice []int) []int
- func RemoveDuplicatesStr(slice []string) []string
- func RemoveFromSlice(slice []string, element string) []string
- func RemoveInt(slice []int, s int) []int
- func RemoveNewlines(s string) string
- func RemoveStr(slice []string, s string) []string
- func Reverse(host string, port int)
- func Revert(s string) string
- func RevertSlice(s interface{})
- func SandboxAll() bool
- func SandboxAlln(num int) bool
- func SandboxCpu(cores int) bool
- func SandboxFilepath() bool
- func SandboxMac() bool
- func SandboxProc() bool
- func SandboxProcnum(proc_num int) bool
- func SandboxRam(ram_mb int) bool
- func SandboxSleep() bool
- func SandboxTmp(entries int) bool
- func SandboxUtc() bool
- func SendDataTCP(host string, port int, data string) error
- func SendDataUDP(host string, port int, data string) error
- func ShuffleSlice(s []string) []string
- func Shutdown() error
- func SizeToBytes(size string) int
- func SplitChunks(s string, chunk int) []string
- func SplitJoin(s, splitter, joiner string) string
- func SplitMultiSep(s string, seps []string) []string
- func StartNgrokHTTP(port int) error
- func StartNgrokTCP(port int) error
- func StrToInt(string_integer string) int
- func StrToWords(s string) []string
- func TraverseCurrentDir() ([]string, error)
- func TraverseDir(dir string) ([]string, error)
- func Users() ([]string, error)
- func Wait(interval string)
- func WifiDisconnect() error
- func Wipe() error
- func WriteFile(filename, data string) error
Constants ¶
This section is empty.
Variables ¶
Functions ¶
func AddPersistentCommand ¶
AddPersistentCommand creates a task that runs a given command on startup.
func BannerGrab ¶
BannerGrab returns a service banner string from a given port.
func CmdDir ¶
CmdDir executes commands which are mapped to a string indicating the directory where the command is executed.
func CmdOutPlatform ¶
CmdOutPlatform executes a given set of commands based on the OS of the machine.
func CmdRun ¶
func CmdRun(command string)
CmdRun executes a command and writes output as well as error to STDOUT.
func Contains ¶
func Contains(s interface{}, elem interface{}) bool
Contains checks whether an element exists in an array, regardless of the element type.
func ContainsAny ¶
ContainsAny checks if a string exists within a list of strings.
func CreateWordlist ¶
CreateWordlist generates possible variations of each word in the wordlist.
func CredentialsSniff ¶
CredentialsSniff is used to sniff network traffic for private user information.
func DecryptBytes ¶
func EncryptBytes ¶
func ExitOnError ¶
func ExitOnError(e error)
ExitOnError prints a given error and then stops execution of the process.
func ExpandCidr ¶
ExpandCidr returns a list of IP addresses within a given CIDR.
func ExtractIntFromString ¶
ExtractIntFromString extracts a list of possible integers from a given string.
func FilePermissions ¶
FilePermissions checks if a given file has read and write permissions.
func FileToSlice ¶
FileToSlice reads a text file and returns all lines as an array.
func FilesPattern ¶
FilesPattern is used to return data mapped to files where their filenames match a given pattern.
func FullRemove ¶
FullRemove removes all instances of a string from another string.
func GenCpuLoad ¶
GenCpuLoad generates CPU load by spawning goroutines.
func GenerateIV ¶
func GenerateIV() []byte
func GenerateKey ¶
func GenerateKey() []byte
func GetGatewayIP ¶
func GetGatewayIP() string
GetGatewayIP returns the IP address of the gateway in the network where the machine resides.
func GetGlobalIp ¶
func GetGlobalIp() string
GetGlobalIp is used to return the global IP address of the machine.
func GetLocalIp ¶
func GetLocalIp() string
GetLocalIp is used to get the local IP address of the machine.
func GetNgrokURL ¶
GetNgrokURL returns the URL of the Ngrok tunnel exposing the machine.
func Info ¶
Info is used to return basic system information. Note that if a specific field cannot be resolved, it is returned as "N/A".
func IntervalToSeconds ¶
IntervalToSeconds converts a human friendly string indicating time into a proper integer.
func IsRoot ¶
func IsRoot() bool
IsRoot checks if the current user is the administrator of the machine.
func PkillAv ¶
func PkillAv() error
PkillAv kills Anti-Virus processes that may run within the machine.
func PortscanSingle ¶
PortscanSingle checks if a specific port is open in a given target.
func PrintError ¶
func PrintError(msg string)
PrintError is used to print output indicating failure.
func PrintInfo ¶
func PrintInfo(msg string)
PrintInfo is used to print output containing information.
func PrintWarning ¶
func PrintWarning(msg string)
PrintWarning is used to print output indicating potential failure.
func RandomSelectInt ¶
RandomSelectInt returns an integer that was randomly selected from a list of integers.
func RandomSelectStr ¶
RandomSelectStr returns a string that was randomly selected from a list of strings.
func RandomSelectStrNested ¶
RandomSelectStrNested returns a string array that was randomly selected from a nested list of strings.
func RandomString ¶
RandomString randomly generates an alphabetic string of a given length.
func RdnsLookup ¶
RdnsLookup returns the list of hostnames associated with the given IP address.
func RegexMatch ¶
RegexMatch checks if a string contains valuable information through regex.
func RemoveDuplicatesInt ¶
RemoveDuplicatesInt returns an array of integers with duplicates removed.
func RemoveDuplicatesStr ¶
RemoveDuplicatesStr returns an array of strings with duplicates removed.
func RemoveFromSlice ¶
RemoveFromSlice removes a string from a list of strings if it exists.
func RemoveNewlines ¶
RemoveNewlines removes possible newlines from a string.
func SandboxAll ¶
func SandboxAll() bool
SandboxAll is used to check if an environment is virtualized by testing all sandbox checks.
func SandboxAlln ¶
SandboxAlln checks if an environment is virtualized by running all sandbox checks and testing whether the number of successful checks is greater than or equal to a given integer.
func SandboxCpu ¶
SandboxDisk is used to check if the environment's disk space is less than a given size.
sandboxDisk is missing a dependency
func SandboxDisk(size int) bool { return sandboxDisk(size) }
SandboxCpu is used to check if the environment has fewer cores than a given integer.
func SandboxFilepath ¶
func SandboxFilepath() bool
SandboxFilepath checks if the process is being run inside a virtualized environment.
func SandboxMac ¶
func SandboxMac() bool
SandboxMac is used to check if the environment's MAC address matches standard MAC addresses of virtualized environments.
func SandboxProc ¶
func SandboxProc() bool
SandboxProc checks if there are processes that indicate a virtualized environment.
func SandboxProcnum ¶
SandboxProcnum is used to check if the environment has fewer processes than a given integer.
func SandboxRam ¶
SandboxRam is used to check if the environment's RAM is less than a given size.
func SandboxSleep ¶
func SandboxSleep() bool
SandboxSleep is used to check if the virtualized environment is speeding up the sleeping process.
func SandboxTmp ¶
SandboxTmp is used to check if the environment's temporary directory has fewer files than a given integer.
func SandboxUtc ¶
func SandboxUtc() bool
SandboxUtc is used to check if the environment is in a properly set UTC timezone.
func SendDataTCP ¶
SendDataTCP sends data to a given host:port using the TCP protocol.
func SendDataUDP ¶
SendDataUDP sends data to a given host:port using the UDP protocol.
func ShuffleSlice ¶
ShuffleSlice randomly shuffles a list of strings.
func SizeToBytes ¶
SizeToBytes converts a human friendly string indicating size into a proper integer.
func SplitChunks ¶
func SplitMultiSep ¶
func StartNgrokHTTP ¶
StartNgrokHTTP exposes a web server on a given port.
func StartNgrokTCP ¶
StartNgrokTCP exposes a TCP server on a given port.
func StrToWords ¶
StrToWords returns a list of strings which was split by spaces.
func TraverseCurrentDir ¶
TraverseCurrentDir lists all files that exist within the current directory.
func TraverseDir ¶
TraverseDir lists all files that exist within a given directory.
func Wait ¶
func Wait(interval string)
Wait uses a human friendly string that indicates how long a system should wait.
func WifiDisconnect ¶
func WifiDisconnect() error
WifiDisconnect is used to disconnect the machine from a wireless network.
Types ¶
This section is empty.