Commit Graph

1044 Commits

Author SHA1 Message Date
Oleksii Shevchuk 1a3ad7bb60 Properly invalidate cache during forced package loading 2017-03-08 19:41:14 +02:00
Oleksii Shevchuk 638a6469a1 Compile modules 2017-03-08 19:41:14 +02:00
Oleksii Shevchuk a6a992eaef Reduce amount of unnecessary transferred data during package loading 2017-03-08 19:41:14 +02:00
Oleksii Shevchuk 61114ad552 Add support for host:port notation 2017-03-08 19:41:14 +02:00
Oleksii Shevchuk 47c871626f Provide client/non-client status 2017-03-08 19:41:14 +02:00
Oleksii Shevchuk b732a93488 Use 'dependencies' as much as possible 2017-03-08 19:41:14 +02:00
Oleksii Shevchuk 7dbfb5ae98 Speedup packages loading. Also try local packages for non-clients 2017-03-08 19:41:14 +02:00
Oleksii Shevchuk e58c910493 Copy compatible headers after bootstrap 2017-03-08 19:41:14 +02:00
Oleksii Shevchuk 050c5eecca Fix timeouts logic 2017-03-08 19:41:14 +02:00
Oleksii Shevchuk 2ef3cc7cf8 Move make psutils clients built-in (Linux, Windows) 2017-03-08 19:41:14 +02:00
Oleksii Shevchuk 3d7d76bbef Add python-ptrace to standard package 2017-03-08 19:41:14 +02:00
Oleksii Shevchuk cfbdc87758 ZSH doesn't support writing to UID 2017-03-08 19:41:14 +02:00
Oleksii Shevchuk 767eeb82c7 Make interactive shell a bit less intrusive 2017-03-08 19:41:14 +02:00
Oleksii Shevchuk 0b6169a6b8 Remove debug prints 2017-03-08 19:41:14 +02:00
Oleksii Shevchuk 26a0159cb6 DNSCNC fixes. TODO: DNS storm handling 2017-03-08 19:41:14 +02:00
Oleksii Shevchuk 9b8c682201 Use raw write to log to omit newlines per page output 2017-03-08 19:41:14 +02:00
Oleksii Shevchuk 2931b7053a Define old_handler before problematic section 2017-03-08 19:41:14 +02:00
Oleksii Shevchuk 83e038ca5c Set default interval to 30 secs to prevent DNS storm 2017-03-08 19:41:14 +02:00
Oleksii Shevchuk b2264093d8 Use lower logging priority by default 2017-03-08 19:41:14 +02:00
Oleksii Shevchuk e2f25223b9 Add missing import 2017-03-08 19:41:14 +02:00
Oleksii Shevchuk fe2d6b3fcb Add more checks to DNSCNC server
[+] Omit non-A requests. SOA and DS will bombard server in stealth mode
[+] Check that nonce is growing, or at least the same.
    Because of size, our AES-CTR scheme usage is insecure to CPA. While we
    really don't care about that, lets check at least that nobody plays
    with nonces. Growing nonce will kill the channel withing timeout
    time range.
2017-03-08 19:41:14 +02:00
Oleksii Shevchuk 240c503769 Help setuptools to find MSVC for AMD64 2017-03-08 19:41:14 +02:00
Oleksii Shevchuk c11d2d7253 Do not remove default paths if we starting from regular python 2017-03-08 19:41:14 +02:00
Oleksii Shevchuk 88eabe8e55 Unfortunately it's not possible to start CmdLoop in Thread properly 2017-03-08 19:41:14 +02:00
Oleksii Shevchuk c7188c4f2e Node was missing during unpack 2017-03-08 19:41:14 +02:00
Oleksii Shevchuk 9e302c866b Avoid TypeError in picodns server 2017-03-08 19:41:14 +02:00
Oleksii Shevchuk 0af2216ada Avoid "RuntimeError: dictionary changed size during iteration" 2017-03-08 19:41:14 +02:00
Oleksii Shevchuk ef6781f42e Stay silent unless debug. 2017-03-08 19:41:14 +02:00
Oleksii Shevchuk 2a228b03e1 Fix path parts in value substitutions 2017-03-08 19:41:14 +02:00
Oleksii Shevchuk f16f65b66f Use MSS for screenshots (works on Linux/Mac/Win) 2017-03-08 19:41:14 +02:00
Oleksii Shevchuk 777d5a71d2 Handle select error (EINTR) properly 2017-03-08 19:41:14 +02:00
Oleksii Shevchuk 26af5ad760 Delete-then-raise for tmp certs 2017-03-08 19:41:14 +02:00
Oleksii Shevchuk 93ddf8015d Omit temporary files 2017-03-08 19:41:14 +02:00
Oleksii Shevchuk ecdedfe5dd Schedule debug build in build.sh (windows) 2017-03-08 19:41:14 +02:00
Oleksii Shevchuk 4a9ebd573d Do not try to close zeroed socket 2017-03-08 19:41:14 +02:00
Oleksii Shevchuk 8a3dee31ca Add new API to select paths either in workdir or at home folders 2017-03-08 19:41:14 +02:00
Oleksii Shevchuk 04b3eb0f2c Create buildenv script for linux client 2017-03-08 19:41:14 +02:00
Oleksii Shevchuk 308ebe2df6 DNSCNC minor improvements
[+] Add ACK packet type.
    It's possible that multiple same packets will arrive to server, and
    that response which doesn't contains commands will be delivered to the client
2017-03-08 19:41:14 +02:00
Oleksii Shevchuk 8bfae8bb50 Rework pupy basic configuration
Improve compression:
[+] LMZA everywhere (uniformed)
[+] Config space 40690 -> 8192
[+] Compress payload libraries (libpython)
[+] Compress serialized objects (resources, bootloader, config)
[-] Windows build (Makefile) was removed

Improve cryptography/credentials default configuration
[+] Remove default secrets
[-] Android still there
[+] Add uniformed class to search proper credentials
[+] Generate all credentials on first launch
[+] Improve SSL -> CA/Client/Server + roles

Client default configuration
[+] Add stubbed site.py (to preserve pupy from search files on target device)

TODO:
[?] Test all that stuff?
[?] Rewrite all transport configs to honor roles
2017-03-08 19:41:14 +02:00
Oleksii Shevchuk d7214db8f9 Shrink paths 2017-03-08 19:41:14 +02:00
Oleksii Shevchuk 3a441f3d93 Introduce PupyConfig class to interface access to config files 2017-03-08 19:41:14 +02:00
Oleksii Shevchuk 34b3551e1f Integrate DNSCNC 2017-03-08 19:41:14 +02:00
Oleksii Shevchuk 8dc9232450 Use LZMA instead of ZLib for resources 2017-03-08 19:40:25 +02:00
Oleksii Shevchuk e320af34ae Add initial IGD (UPnP) support 2017-03-08 19:40:25 +02:00
Oleksii Shevchuk a39670a78f Try to reuse session id numbers 2017-03-08 19:40:25 +02:00
Oleksii Shevchuk 3fa6eb4ab2 Fill connid for bind payloads 2017-03-08 19:40:25 +02:00
Oleksii Shevchuk 9d6e5fada6 Shutdown (more or less) properly 2017-03-08 19:40:25 +02:00
Oleksii Shevchuk 1a9e18a26f logging module understands string names for log levels 2017-03-08 19:40:24 +02:00
Oleksii Shevchuk fbfb9c966f Write nice messages about connection status 2017-03-08 19:40:24 +02:00
Oleksii Shevchuk 288aa030bf Ensure no duplicates in resources.zip 2017-03-08 19:40:24 +02:00