Version: v0.0.0-...-650caf5 Latest Latest

This package is not in the latest version of its module.

Go to latest
Published: May 14, 2019 License: BSD-3-Clause Imports: 15 Imported by: 0




View Source
const (
	// Name of this module
	Name = "tracker"

	// Description of this module
	Description = "Uniquely track clients via unique identifiers, while harvesting for web credentials and sessions"

	// Author of this module
	Author = "Muraena Team"


This section is empty.


func InnerSubstring

func InnerSubstring(str string, prefix string, suffix string) string

InnerSubstring returns the string contained between prefix and suffix


type Trace

type Trace struct {
	ID string

Trace object structure

func (*Trace) ExtractCredentials

func (t *Trace) ExtractCredentials(body string, request *http.Request) (found bool, err error)

ExtractCredentials extracts credentials from a request body and stores within a VictimCredentials object

func (*Trace) HijackSession

func (t *Trace) HijackSession(request *http.Request) (err error)

If the request URL matches those defined in authSession in the config, then pass the cookies in the CookieJar to necrobrowser to hijack the session

func (*Trace) IsValid

func (t *Trace) IsValid() bool

IsValid validates the tracking value

type Tracker

type Tracker struct {

	Enabled        bool
	Identifier     string
	ValidatorRegex *regexp.Regexp

	Victims sync.Map

Tracker module

func Load

func Load(s *session.Session) (m *Tracker, err error)

Load configures the module by initializing its main structure and variables

func (*Tracker) AddToCookieJar

func (module *Tracker) AddToCookieJar(v *Victim, cookie necrobrowser.SessionCookie)

func (*Tracker) Author

func (module *Tracker) Author() string

Author returns the module author

func (*Tracker) Description

func (module *Tracker) Description() string

Description returns the module description

func (*Tracker) GetVictim

func (module *Tracker) GetVictim(t *Trace) (v *Victim, err error)

GetVictim returns a victim

func (*Tracker) IsEnabled

func (module *Tracker) IsEnabled() bool

IsEnabled returns a boolead to indicate if the module is enabled or not

func (*Tracker) Name

func (module *Tracker) Name() string

Name returns the module name

func (*Tracker) Push

func (module *Tracker) Push(v *Victim)

Push another Victim to the Tracker

func (*Tracker) ShowCredentials

func (module *Tracker) ShowCredentials()

ShowCredentials prints the credentials in the CLI

func (*Tracker) ShowVictims

func (module *Tracker) ShowVictims()

ShowVictims prints the Victims in the CLI

func (*Tracker) TrackRequest

func (module *Tracker) TrackRequest(request *http.Request) (t *Trace)

TrackRequest tracks an HTTP Request

func (*Tracker) TrackResponse

func (module *Tracker) TrackResponse(response *http.Response) (victim *Victim)

TrackResponse tracks an HTTP Response

type Victim

type Victim struct {
	ID        string // UUID
	IP        string
	UA        string
	FirstSeen time.Time
	LastSeen  time.Time
	Username  string
	Password  string
	Token     string // 2FA token

	Credentials []*VictimCredentials

	// map of "cookie name" -> SessionCookie struct
	Cookies sync.Map

	RequestCount int

Victim identifies a User-Agent being tracked

type VictimCredentials

type VictimCredentials struct {
	Key   string
	Value string
	Time  time.Time

VictimCredentials structure

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
t or T : Toggle theme light dark auto
y or Y : Canonical URL