gomythic

package module
v0.0.0-...-59b6822 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 11, 2024 License: Apache-2.0 Imports: 19 Imported by: 0

README

Mythic GoLang Scripting Interface

The gomythic package creates a way to interact and control a Mythic instance programmatically and is the GoLang implementation of the Python mythic package. Mythic is a Command and Control (C2) framework for Red Teaming. The code is on GitHub (https://github.com/its-a-feature/Mythic) and the Mythic project's documentation is on GitBooks (https://docs.mythic-c2.net).

Installation

You can install the mythic scripting interface from github using go get:

go get github.com/antman1p/gomythic@latest

Then import the package into your git project file from where you intend to interact with Mythic. For example:

package main

import (
	"log"
	"os"
	"strconv"

	"github.com/joho/godotenv"
	mythic "github.com/antman1p/gomythic"
)

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func CallbacksToInterfaces 

func CallbacksToInterfaces(callbacks []Callback) []interface{}

Convert []Callback to []interface{}

func FilterResponse 

func FilterResponse(response []interface{}, attributes []string) ([]map[string]interface{}, error)

FilterResponse filters the response according to the provided attributes.

func HeaderToMap 

func HeaderToMap(header http.Header) map[string]interface{}

HeaderToMap is assumed to convert http.Header to a map[string]interface{} type. Replace this with your actual function if it is different.

func TaskFragmentsToInterfaces 

func TaskFragmentsToInterfaces(taskFragments []TaskFragment) []interface{}

func TasksToInterfaces 

func TasksToInterfaces(tasks []TaskFragment) []interface{}

Convert []TaskFragment to []interface{}

Types

type ActiveCallbackQuery 

type ActiveCallbackQuery struct {
	Callback []Callback `graphql:"callback(where: {active: {_eq: true}}, order_by: {id: asc})"`
}

type Callback 

type Callback struct {
	Architecture    string          `graphql:"architecture"`
	Description     string          `graphql:"description"`
	Domain          string          `graphql:"domain"`
	ExternalIP      string          `graphql:"external_ip"`
	Host            string          `graphql:"host"`
	ID              int             `graphql:"id"`
	DisplayID       int             `graphql:"display_id"`
	IntegrityLevel  int             `graphql:"integrity_level"`
	IP              string          `graphql:"ip"`
	ExtraInfo       string          `graphql:"extra_info"`
	SleepInfo       string          `graphql:"sleep_info"`
	PID             int             `graphql:"pid"`
	OS              string          `graphql:"os"`
	User            string          `graphql:"user"`
	AgentCallbackID string          `graphql:"agent_callback_id"`
	OperationID     int             `graphql:"operation_id"`
	ProcessName     string          `graphql:"process_name"`
	Payload         CallbackPayload `graphql:"payload"`
}

Defining struct for Callback

type CallbackPayload 

type CallbackPayload struct {
	OS          string              `graphql:"os"`
	PayloadType CallbackPayloadType `graphql:"payloadtype"`
	Description string              `graphql:"description"`
	UUID        string              `graphql:"uuid"`
}

Defining struct for Payload

type CallbackPayloadType 

type CallbackPayloadType struct {
	Name string `graphql:"name"`
}

Defining struct for PayloadType

type CallbackQuery 

type CallbackQuery struct {
	Callback []Callback `graphql:"callback(order_by: {id: asc})"`
}

type CreateAPITokenMutation 

type CreateAPITokenMutation struct {
	CreateAPIToken struct {
		ID         int    `graphql:"id"`
		TokenValue string `graphql:"token_value"`
		Status     string `graphql:"status"`
		Error      string `graphql:"error"`
		OperatorID int    `graphql:"operator_id"`
	} `graphql:"createAPIToken(token_type: $token_type)"`
}

type CreateAPITokenVariables 

type CreateAPITokenVariables struct {
	TokenType string `graphql:"token_type"`
}

type CreateTaskMutation 

type CreateTaskMutation struct {
	CreateTask struct {
		Status    MythicStatus `graphql:"status"`
		ID        int          `graphql:"id"`
		DisplayID int          `graphql:"display_id"`
		Error     string       `graphql:"error"`
	} `` /* 221-byte string literal not displayed */
}

type GetAPITokensQuery 

type GetAPITokensQuery struct {
	APITokens []struct {
		TokenValue string `graphql:"token_value"`
		Active     bool   `graphql:"active"`
		ID         int    `graphql:"id"`
	} `graphql:"apitokens(where: {active: {_eq: true}})"`
}

type Mythic 

type Mythic struct {
	Username           string `json:"username"`
	Password           string `json:"password"`
	APIToken           string `json:"apitoken"`
	AccessToken        string `json:"access_token"`
	RefreshToken       string `json:"refresh_token"`
	ServerIP           string `json:"server_ip"`
	ServerPort         int    `json:"server_port"`
	SSL                bool   `json:"ssl"`
	HTTP               string `json:"-"`
	WS                 string `json:"-"`
	GlobalTimeout      int    `json:"global_timeout"`
	ScriptingVersion   string `json:"scripting_version"`
	CurrentOperationID int    `json:"current_operation_id"`
	Schema             string `json:"schema"`
}

func Login 

func Login(mythicManager *MythicManager, serverIP string, serverPort int, username, password, apiToken string, ssl bool, timeout, loggingLevel int) (*Mythic, error)

Login sets up a new Mythic instance and tries to authenticate with the provided credentials or API token.

func (*Mythic) AuthenticateToMythic 

func (mythic *Mythic) AuthenticateToMythic() error

AuthenticateToMythic function sends a POST request to authenticate to the Mythic server with the provided username and password.

func (*Mythic) CreateAPIToken 

func (m *Mythic) CreateAPIToken() error

CreateAPIToken function sends a GraphQL mutation to the Mythic server to create a new API token.

func (*Mythic) ExecuteCustomQuery 

func (m *Mythic) ExecuteCustomQuery(query string, variables map[string]interface{}, result interface{}) error

ExecuteCustomQuery sends a custom GraphQL query to the server and unmarshals the response into result.

func (*Mythic) FetchGraphQLSchema 

func (m *Mythic) FetchGraphQLSchema() (string, error)

UNTESTED FetchGraphQLSchema function sends an HTTP GET request to the Mythic server to retrieve the GraphQL schema and returns it as a string.

func (*Mythic) GetAllActiveCallbacks 

func (m *Mythic) GetAllActiveCallbacks(customReturnAttributes []string) ([]map[string]interface{}, error)

GetAllActiveCallbacks sends a GraphQL query to fetch all active callbacks from the server.

func (*Mythic) GetAllCallbacks 

func (m *Mythic) GetAllCallbacks(customReturnAttributes []string) ([]map[string]interface{}, error)

GetAllCallbacks sends a GraphQL query to fetch all callbacks from the server.

func (*Mythic) GetAllSubtaskIDs 

func (m *Mythic) GetAllSubtaskIDs(taskDisplayID int, fetchDisplayIDInstead bool) ([]int, error)

This function gets all the subtask IDs for a particular task, identified by its DisplayID. If fetchDisplayIDInstead is true, it fetches DisplayIDs instead of normal IDs.

func (*Mythic) GetAllTaskOutputByID 

func (m *Mythic) GetAllTaskOutputByID(taskDisplayID int) ([]TaskOutputFragment, error)

This function retrieves all the output for a specific task, identified by its DisplayID.

func (*Mythic) GetAllTasks 

func (m *Mythic) GetAllTasks(callbackDisplayID *int, customReturnAttributes []string) ([]map[string]interface{}, error)

GetAllTasks sends a GraphQL query to fetch all tasks associated with a callback from the server.

func (*Mythic) GetHTTPTransport 

func (m *Mythic) GetHTTPTransport() (http.RoundTripper, string)

GetHTTPTransport function sets up the HTTP transport using the defined server configuration in Mythic struct. It also sets up custom headers for the requests using the GetHeaders function.

func (*Mythic) GetHeaders 

func (m *Mythic) GetHeaders() http.Header

GetHeaders function sets up the custom headers for the request based on the provided API token or Access token in the Mythic struct.

func (*Mythic) GraphQLSubscription 

func (m *Mythic) GraphQLSubscription(ctx context.Context, subscription interface{}, variables map[string]interface{}, timeout int) (<-chan interface{}, error)

GraphQLSubscription function sets up the GraphQL subscription using the provided parameters.

func (*Mythic) GraphqlPost 

func (m *Mythic) GraphqlPost(operation interface{}, variables map[string]interface{}, operationType string) error

GraphqlPost function performs a GraphQL query or mutation using the Hasura GraphQL client.

func (*Mythic) HandleAPITokens 

func (mythic *Mythic) HandleAPITokens() error

HandleAPITokens function fetches the API tokens associated with the user from the Mythic server using a GraphQL query.

func (*Mythic) HttpGet 

func (m *Mythic) HttpGet(url string) ([]byte, error)

UNTESTED HttpGet function sends a GET request to the specified URL and returns the raw response.

func (*Mythic) HttpGetChunked 

func (m *Mythic) HttpGetChunked(url string, chunkSize int) (<-chan []byte, error)

UNTESTED HttpGetChunked function sends a GET request to the specified URL and returns the response in chunks.

func (*Mythic) HttpGetDictionary 

func (m *Mythic) HttpGetDictionary(url string) (map[string]interface{}, error)

UNTESTED HttpGetDictionary function sends a GET request to the specified URL and returns the response as a dictionary.

func (*Mythic) HttpPost 

func (m *Mythic) HttpPost(url string, data map[string]interface{}) (map[string]interface{}, error)

HttpPost function sends a POST request to the specified URL with the provided data as JSON. The request is sent using the HTTP transport set up in the GetHTTPTransport function.

func (*Mythic) HttpPostForm 

func (m *Mythic) HttpPostForm(data url.Values, url string) (map[string]interface{}, error)

UNTESTED HttpPostForm function sends a POST request to the specified URL with the provided data as form values.

func (*Mythic) IssueTask 

func (m *Mythic) IssueTask(commandName string, parameters interface{}, callbackDisplayID int, tokenID *int, originalParams interface{}, parameterGroupName interface{}, waitForComplete bool, timeout *int) (*CreateTaskMutation, error)

IssueTask sends a task to a callback and optionally waits for it to complete.

func (*Mythic) IssueTaskAndWaitForOutput 

func (m *Mythic) IssueTaskAndWaitForOutput(commandName string, parameters interface{}, callbackDisplayId int, tokenId int, originalParams interface{}, parameterGroupName interface{}, waitForComplete bool, timeout int) ([]byte, error)

IssueTaskAndWaitForOutput sends a task to a callback, waits for it to complete, and then retrieves its output.

func (*Mythic) LoadMythicSchema 

func (m *Mythic) LoadMythicSchema() bool

UNTESTED LoadMythicSchema function fetches the GraphQL schema from the Mythic server and stores it in the Mythic struct.

func (*Mythic) SetMythicDetails 

func (mythic *Mythic) SetMythicDetails(serverIP string, serverPort int, username, password, apiToken string, ssl bool, timeout int) *graphql.Client

SetMythicDetails function sets up the Mythic struct with the provided server details and returns a new GraphQL client.

func (*Mythic) String 

func (m *Mythic) String() string

func (*Mythic) WaitForTaskComplete 

func (m *Mythic) WaitForTaskComplete(taskDisplayID int, customReturnAttributes *string, timeout *int) (*CreateTaskMutation, error)

WaitForTaskComplete subscribes to task updates and waits for the task to complete or fail.

func (*Mythic) WaitForTaskOutput 

func (m *Mythic) WaitForTaskOutput(taskDisplayID int, timeout *int) ([]byte, error)

This function is responsible for waiting for the output of a specific task 

identified by its display ID.
The output will be collected and returned as a byte array.
A timeout can be provided to stop waiting after a specific duration.

type MythicManager 

type MythicManager struct {
	// contains filtered or unexported fields
}

func NewMythicManager 

func NewMythicManager() *MythicManager

func (*MythicManager) GetMythicInstance 

func (mm *MythicManager) GetMythicInstance() *Mythic

func (*MythicManager) InvalidateMythicInstance 

func (mm *MythicManager) InvalidateMythicInstance()

type MythicStatus 

type MythicStatus string
const (
	Error         MythicStatus = "error"
	Completed     MythicStatus = "completed"
	Processed     MythicStatus = "processed"
	Processing    MythicStatus = "processing"
	Preprocessing MythicStatus = "preprocessing"
	Delegating    MythicStatus = "delegating"
	Submitted     MythicStatus = "submitted"
)

func (MythicStatus) Equals 

func (s MythicStatus) Equals(obj interface{}) bool

func (MythicStatus) GreaterThanOrEqual 

func (s MythicStatus) GreaterThanOrEqual(obj interface{}) bool

func (MythicStatus) String 

func (s MythicStatus) String() string

type MythicWebSocketHandler 

type MythicWebSocketHandler struct {
	Conn *websocket.Conn
	// contains filtered or unexported fields
}

func (*MythicWebSocketHandler) Close 

func (h *MythicWebSocketHandler) Close() error

Close function closes the WebSocket connection.

func (*MythicWebSocketHandler) GetCloseStatus 

func (h *MythicWebSocketHandler) GetCloseStatus(err error) int32

GetCloseStatus function gets the close status of the WebSocket connection.

func (*MythicWebSocketHandler) Ping 

func (h *MythicWebSocketHandler) Ping() error

Ping sends a ping message through the WebSocket connection This is a simple implementation and might need to be adjusted based on actual requirements

func (*MythicWebSocketHandler) ReadJSON 

func (h *MythicWebSocketHandler) ReadJSON(v interface{}) error

ReadJSON function reads JSON data from the WebSocket connection.

func (*MythicWebSocketHandler) SetReadLimit 

func (h *MythicWebSocketHandler) SetReadLimit(limit int64)

SetReadLimit function sets the read limit for the WebSocket connection.

func (*MythicWebSocketHandler) WriteJSON 

func (h *MythicWebSocketHandler) WriteJSON(v interface{}) error

WriteJSON function writes JSON data to the WebSocket connection.

type Task 

type Task struct {
	Responses []UserOutputFragment `graphql:"responses(order_by: {id: asc})"`
}

type TaskFragment 

type TaskFragment struct {
	Callback struct {
		ID        int `graphql:"id"`
		DisplayID int `graphql:"display_id"`
	} `graphql:"callback"`
	ID        int `graphql:"id"`
	DisplayID int `graphql:"display_id"`
	Operator  struct {
		Username string `graphql:"username"`
	} `graphql:"operator"`
	Status         MythicStatus `graphql:"status"`
	Completed      bool         `graphql:"completed"`
	OriginalParams string       `graphql:"original_params"`
	DisplayParams  string       `graphql:"display_params"`
	Timestamp      string       `graphql:"timestamp"`
	CommandName    string       `graphql:"command_name"`
	Tasks          []struct {
		ID int `graphql:"id"`
	} `graphql:"tasks"`
	Token struct {
		TokenID string `graphql:"token_id"`
	} `graphql:"token"`
}

type TaskOutput 

type TaskOutput struct {
	Response []TaskOutputFragment `graphql:"response(order_by: {id: asc}, where: {task:{display_id: {_eq: $task_display_id}}})"`
}

type TaskOutputFragment 

type TaskOutputFragment struct {
	ID           int    `graphql:"id"`
	Timestamp    string `graphql:"timestamp"`
	ResponseText string `graphql:"response_text"`
	Task         struct {
		ID          int          `graphql:"id"`
		DisplayID   int          `graphql:"display_id"`
		Status      MythicStatus `graphql:"status"`
		Completed   bool         `graphql:"completed"`
		AgentTaskID string       `graphql:"agent_task_id"`
		CommandName string       `graphql:"command_name"`
	} `graphql:"task"`
}

type TaskQuery 

type TaskQuery struct {
	Task []TaskFragment `graphql:"task(order_by: {id: desc})"`
}

type TaskQueryWithCallback 

type TaskQueryWithCallback struct {
	Task []TaskFragment `graphql:"task(where: {callback: {display_id: {_eq: $callbackDisplayID}}}, order_by: {id: asc})"`
}

type TaskWaitForOutputSubscription 

type TaskWaitForOutputSubscription struct {
	TaskStream []Task `` /* 130-byte string literal not displayed */
}

type TaskWaitForOutputSubscriptionVariables 

type TaskWaitForOutputSubscriptionVariables struct {
	DisplayID int `graphql:"display_id"`
}

type TaskWaitForStatusSubscription 

type TaskWaitForStatusSubscription struct {
	TaskStream []TaskFragment `` /* 130-byte string literal not displayed */
}

type TaskWaitForStatusSubscriptionVariables 

type TaskWaitForStatusSubscriptionVariables struct {
	DisplayID int `graphql:"display_id"`
}

type UpdateCallbackInformationMutation 

type UpdateCallbackInformationMutation struct {
	UpdateCallback struct {
		Status MythicStatus `graphql:"status"`
		Error  string       `graphql:"error"`
	} `` /* 295-byte string literal not displayed */
}

type UserOutputFragment 

type UserOutputFragment struct {
	ResponseText string `graphql:"response_text"`
	Timestamp    string `graphql:"timestamp"`
}

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.