Update 'src/eros/eros.go'
added clientside api functionality for exploit; my json code might get cucked by json-iterator tho
This commit is contained in:
parent
38210653b8
commit
fc5e158b46
130
src/eros/eros.go
130
src/eros/eros.go
@ -23,6 +23,13 @@ import (
|
||||
bluetooth "git.tcp.direct/kayos/prototooth"
|
||||
"github.com/prologic/bitcask"
|
||||
"github.com/rs/zerolog/log"
|
||||
|
||||
structs "protomolecule/src/eros/structs"
|
||||
"github.com/labstack/echo/middleware"
|
||||
"github.com/labstack/echo"
|
||||
"encoding/json"
|
||||
"fmt"
|
||||
"net/http"
|
||||
)
|
||||
|
||||
var (
|
||||
@ -31,12 +38,13 @@ var (
|
||||
dbs = []string{
|
||||
"devices", // details about devices discovered
|
||||
"exploits", // details about exploits to be used against BLE devices
|
||||
"services", // definitions of various bluetook services and will ultimately be updated via an HTTP repository
|
||||
"services", // definitions of various bluetooth services and will ultimately be updated via an HTTP repository
|
||||
"manufacturers", // manufacturer to UUID correlations and info
|
||||
}
|
||||
|
||||
err error
|
||||
Manufacturers ManufData
|
||||
Exploits Exploit
|
||||
|
||||
// DataDir - should be defined by config or cmd flag
|
||||
DataDir string = "./.eros-data/"
|
||||
@ -256,15 +264,123 @@ func Backup(path string) error {
|
||||
|
||||
// Hypnosis - retrieve new exploits/attacks from a remote http repository
|
||||
func Hypnosis(repo string) {
|
||||
// placeholder
|
||||
|
||||
e:= echo.New()
|
||||
// CORS
|
||||
e.Use(middleware.CORSWithConfig(middleware.CORSConfig{
|
||||
AllowOrigins: []string{"*"},
|
||||
AllowMethods: []string{echo.GET, echo.HEAD, echo.PUT, echo.PATCH, echo.POST, echo.DELETE} //TODO: possibly trim the methods for security purposes
|
||||
}))
|
||||
|
||||
// GET
|
||||
e.GET("/exploits", func(c echo.Context) error {
|
||||
// Build request
|
||||
req, err := http.NewRequest("GET", repo, nil)
|
||||
if err != nil {
|
||||
fmt.Println("Error in GET request: ", err)
|
||||
}
|
||||
|
||||
// Certificate sanity checks
|
||||
caCert, err := ioutil.Readfile("server.crt")
|
||||
if err != nil {
|
||||
log.Fatal(err)
|
||||
}
|
||||
cert, err := tls.LoadX509KeyPair("client.crt", "client.key")
|
||||
if err != nil {
|
||||
log.Fatal(err)
|
||||
}
|
||||
|
||||
// Add certificates
|
||||
caCertPool := x509.NewCertPool()
|
||||
caCertPool.AppendCertsFromPEM(caCert)
|
||||
|
||||
// Create client
|
||||
client := &http.Client{
|
||||
Transport: &http.Transport{
|
||||
TLSClientConfig: &tls.Config{
|
||||
RootCAs: caCertPool,
|
||||
Certificates: []tls.Certificate{cert},
|
||||
},
|
||||
},
|
||||
}
|
||||
|
||||
// Send request
|
||||
res, err := client.Do(req)
|
||||
if err != nil {
|
||||
fmt.Println("Client Error: ", err)
|
||||
}
|
||||
|
||||
// Defer body close
|
||||
defer res.Body.Close()
|
||||
|
||||
// Late binding data from JSON
|
||||
var exp structs.Exploit
|
||||
|
||||
// Decode JSON stream
|
||||
If err := json.NewDecoder(res.Body).Decode(&exp); err != nil {
|
||||
fmt.Println(err)
|
||||
}
|
||||
|
||||
return c.JSON(http.StatusOK, exp)
|
||||
|
||||
})
|
||||
|
||||
}
|
||||
|
||||
// Trauma - store details of an exploit/attack against BLE devices
|
||||
func Trauma(name string, targ string, cat string, vec Vector, pay Payload) {
|
||||
// placeholder
|
||||
func Trauma(exp *Exploit) error {
|
||||
var err error
|
||||
var rhist map[time.Time]int16
|
||||
|
||||
if !Known(exp.Addr) {
|
||||
exp.Discovered = time.Now()
|
||||
rhist = make(map[time.Time]int16)
|
||||
} else {
|
||||
re, _ := Flashback(exp.Addr)
|
||||
exp.Discovered = re.Discovered
|
||||
rhist = re.RSSIhist
|
||||
}
|
||||
|
||||
rhist[time.Now()] = exp.RSSIlast
|
||||
exp.RSSIhist = rhist
|
||||
exp.Seen = time.Now()
|
||||
|
||||
var jsonData []byte
|
||||
jsonData, err = json.Marshal(exp)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
err = DB["exploits"].Put([]byte(exp.Addr), jsonData)
|
||||
return err
|
||||
}
|
||||
|
||||
// Flashback - retrieve details for the named exploit/attack
|
||||
func Flashback(name string) {
|
||||
//placeholder
|
||||
func FinalizeExploit(bigidea Exploit) *Exploit {
|
||||
bigidea.mu = &sync.RWMutex{}
|
||||
return &bigidea
|
||||
}
|
||||
|
||||
// Known - check if an exploit is present in the database
|
||||
func Known(Addr string) bool {
|
||||
if DB["exploits"].Has([]byte(Addr)) {
|
||||
return true
|
||||
}
|
||||
|
||||
return false
|
||||
}
|
||||
// Flashback - retrieve details for the named exploit/attack
|
||||
func Flashback(Addr string) (Exploit, error) {
|
||||
var err error
|
||||
var bytes []byte
|
||||
var member Exploit
|
||||
|
||||
bytes, err = DB["exploits"].Get([]byte(Addr))
|
||||
|
||||
if err != nil {
|
||||
member = Exploit{}
|
||||
return member, err
|
||||
}
|
||||
|
||||
json.Unmarshal(bytes, &member)
|
||||
return member, err
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user