Documentation
¶
Index ¶
Constants ¶
View Source
const (
// DecoderName is the name for the credentials decoder
DecoderName = "Credentials"
)
Variables ¶
View Source
var Decoder = &decoder.AbstractDecoder{ Name: DecoderName, Description: "Credentials represent a user and password combination to authenticate to a service", Type: types.Type_NC_Credentials, PostInit: func(d *decoder.AbstractDecoder) (err error) { useHarvesters = true credLog, _, err = logging.InitZapLogger( decoderconfig.Instance.Out, "credentials", decoderconfig.Instance.Debug, ) if err != nil { return err } if decoderconfig.Instance.CustomRegex != "" { r, errCompile := regexp.Compile(decoderconfig.Instance.CustomRegex) if errCompile != nil { return errCompile } tcpConnectionHarvesters = append(tcpConnectionHarvesters, func(data []byte, ident string, ts time.Time) *types.Credentials { matches := r.FindSubmatch(data) if len(matches) > 1 { notes := "" for _, m := range matches { notes += " " + string(m) + " " } return &types.Credentials{ Notes: notes, } } return nil }) } return nil }, DeInit: func(sd *decoder.AbstractDecoder) error { return credLog.Sync() }, }
Decoder for protocol analysis and writing audit records to disk.
Functions ¶
func RunHarvesters ¶
RunHarvesters will use the service probes to determine the service type based on the provided banner.
func WriteCredentials ¶
func WriteCredentials(creds *types.Credentials)
WriteCredentials is a util that should be used to write credential audit to disk it will deduplicate the audit records to avoid repeating information on disk.
Types ¶
This section is empty.
Source Files
¶
Click to show internal directories.
Click to hide internal directories.