tracking

package
Version: v0.0.0-...-650caf5 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: May 14, 2019 License: BSD-3-Clause Imports: 15 Imported by: 0

Documentation

Index

Constants

View Source
const (
	// Name of this module
	Name = "tracker"

	// Description of this module
	Description = "Uniquely track clients via unique identifiers, while harvesting for web credentials and sessions"

	// Author of this module
	Author = "Muraena Team"
)

Variables

This section is empty.

Functions

func InnerSubstring

func InnerSubstring(str string, prefix string, suffix string) string

InnerSubstring returns the string contained between prefix and suffix

Types

type Trace

type Trace struct {
	*Tracker
	ID string
}

Trace object structure

func (*Trace) ExtractCredentials

func (t *Trace) ExtractCredentials(body string, request *http.Request) (found bool, err error)

ExtractCredentials extracts credentials from a request body and stores within a VictimCredentials object

func (*Trace) HijackSession

func (t *Trace) HijackSession(request *http.Request) (err error)

If the request URL matches those defined in authSession in the config, then pass the cookies in the CookieJar to necrobrowser to hijack the session

func (*Trace) IsValid

func (t *Trace) IsValid() bool

IsValid validates the tracking value

type Tracker

type Tracker struct {
	session.SessionModule

	Enabled        bool
	Identifier     string
	ValidatorRegex *regexp.Regexp

	Victims sync.Map
}

Tracker module

func Load

func Load(s *session.Session) (m *Tracker, err error)

Load configures the module by initializing its main structure and variables

func (*Tracker) AddToCookieJar

func (module *Tracker) AddToCookieJar(v *Victim, cookie necrobrowser.SessionCookie)

func (*Tracker) Author

func (module *Tracker) Author() string

Author returns the module author

func (*Tracker) Description

func (module *Tracker) Description() string

Description returns the module description

func (*Tracker) GetVictim

func (module *Tracker) GetVictim(t *Trace) (v *Victim, err error)

GetVictim returns a victim

func (*Tracker) IsEnabled

func (module *Tracker) IsEnabled() bool

IsEnabled returns a boolead to indicate if the module is enabled or not

func (*Tracker) Name

func (module *Tracker) Name() string

Name returns the module name

func (*Tracker) Push

func (module *Tracker) Push(v *Victim)

Push another Victim to the Tracker

func (*Tracker) ShowCredentials

func (module *Tracker) ShowCredentials()

ShowCredentials prints the credentials in the CLI

func (*Tracker) ShowVictims

func (module *Tracker) ShowVictims()

ShowVictims prints the Victims in the CLI

func (*Tracker) TrackRequest

func (module *Tracker) TrackRequest(request *http.Request) (t *Trace)

TrackRequest tracks an HTTP Request

func (*Tracker) TrackResponse

func (module *Tracker) TrackResponse(response *http.Response) (victim *Victim)

TrackResponse tracks an HTTP Response

type Victim

type Victim struct {
	ID        string // UUID
	IP        string
	UA        string
	FirstSeen time.Time
	LastSeen  time.Time
	Username  string
	Password  string
	Token     string // 2FA token

	Credentials []*VictimCredentials

	// map of "cookie name" -> SessionCookie struct
	Cookies sync.Map

	RequestCount int
}

Victim identifies a User-Agent being tracked

type VictimCredentials

type VictimCredentials struct {
	Key   string
	Value string
	Time  time.Time
}

VictimCredentials structure

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
t or T : Toggle theme light dark auto
y or Y : Canonical URL