Oleksii Shevchuk
fe2d6b3fcb
Add more checks to DNSCNC server
...
[+] Omit non-A requests. SOA and DS will bombard server in stealth mode
[+] Check that nonce is growing, or at least the same.
Because of size, our AES-CTR scheme usage is insecure to CPA. While we
really don't care about that, let's check at least that nobody plays
with nonces. Growing nonce will kill the channel within timeout
time range.
2017-03-08 19:41:14 +02:00
Oleksii Shevchuk
240c503769
Help setuptools to find MSVC for AMD64
2017-03-08 19:41:14 +02:00
Oleksii Shevchuk
c11d2d7253
Do not remove default paths if we are starting from regular python
2017-03-08 19:41:14 +02:00
Oleksii Shevchuk
88eabe8e55
Unfortunately it's not possible to start CmdLoop in Thread properly
2017-03-08 19:41:14 +02:00
Oleksii Shevchuk
c7188c4f2e
Node was missing during unpack
2017-03-08 19:41:14 +02:00
Oleksii Shevchuk
9e302c866b
Avoid TypeError in picodns server
2017-03-08 19:41:14 +02:00
Oleksii Shevchuk
0af2216ada
Avoid "RuntimeError: dictionary changed size during iteration"
2017-03-08 19:41:14 +02:00
Oleksii Shevchuk
ef6781f42e
Stay silent unless debug.
2017-03-08 19:41:14 +02:00
Oleksii Shevchuk
2a228b03e1
Fix path parts in value substitutions
2017-03-08 19:41:14 +02:00
Oleksii Shevchuk
f16f65b66f
Use MSS for screenshots (works on Linux/Mac/Win)
2017-03-08 19:41:14 +02:00
Oleksii Shevchuk
777d5a71d2
Handle select error (EINTR) properly
2017-03-08 19:41:14 +02:00
Oleksii Shevchuk
26af5ad760
Delete-then-raise for tmp certs
2017-03-08 19:41:14 +02:00
Oleksii Shevchuk
93ddf8015d
Omit temporary files
2017-03-08 19:41:14 +02:00
Oleksii Shevchuk
ecdedfe5dd
Schedule debug build in build.sh (windows)
2017-03-08 19:41:14 +02:00
Oleksii Shevchuk
4a9ebd573d
Do not try to close zeroed socket
2017-03-08 19:41:14 +02:00
Oleksii Shevchuk
8a3dee31ca
Add new API to select paths either in workdir or at home folders
2017-03-08 19:41:14 +02:00
Oleksii Shevchuk
04b3eb0f2c
Create buildenv script for linux client
2017-03-08 19:41:14 +02:00
Oleksii Shevchuk
308ebe2df6
DNSCNC minor improvements
...
[+] Add ACK packet type.
It's possible that multiple same packets will arrive to server, and
that response which doesn't contain commands will be delivered to the client
2017-03-08 19:41:14 +02:00
Oleksii Shevchuk
8bfae8bb50
Rework pupy basic configuration
...
Improve compression:
[+] LZMA everywhere (uniformed)
[+] Config space 40690 -> 8192
[+] Compress payload libraries (libpython)
[+] Compress serialized objects (resources, bootloader, config)
[-] Windows build (Makefile) was removed
Improve cryptography/credentials default configuration
[+] Remove default secrets
[-] Android still there
[+] Add uniformed class to search proper credentials
[+] Generate all credentials on first launch
[+] Improve SSL -> CA/Client/Server + roles
Client default configuration
[+] Add stubbed site.py (to preserve pupy from search files on target device)
TODO:
[?] Test all that stuff?
[?] Rewrite all transport configs to honor roles
2017-03-08 19:41:14 +02:00
Oleksii Shevchuk
d7214db8f9
Shrink paths
2017-03-08 19:41:14 +02:00
Oleksii Shevchuk
3a441f3d93
Introduce PupyConfig class to interface access to config files
2017-03-08 19:41:14 +02:00
Oleksii Shevchuk
34b3551e1f
Integrate DNSCNC
2017-03-08 19:41:14 +02:00
Oleksii Shevchuk
8dc9232450
Use LZMA instead of ZLib for resources
2017-03-08 19:40:25 +02:00
Oleksii Shevchuk
e320af34ae
Add initial IGD (UPnP) support
2017-03-08 19:40:25 +02:00
Oleksii Shevchuk
a39670a78f
Try to reuse session id numbers
2017-03-08 19:40:25 +02:00
Oleksii Shevchuk
3fa6eb4ab2
Fill connid for bind payloads
2017-03-08 19:40:25 +02:00
Oleksii Shevchuk
9d6e5fada6
Shutdown (more or less) properly
2017-03-08 19:40:25 +02:00
Oleksii Shevchuk
1a9e18a26f
logging module understands string names for log levels
2017-03-08 19:40:24 +02:00
Oleksii Shevchuk
fbfb9c966f
Write nice messages about connection status
2017-03-08 19:40:24 +02:00
Oleksii Shevchuk
288aa030bf
Ensure no duplicates in resources.zip
2017-03-08 19:40:24 +02:00
Oleksii Shevchuk
744a304eb5
Use new PupyConnection for outgoing connections
2017-03-08 19:40:24 +02:00
Oleksii Shevchuk
569f741cfe
Improve upload/download speed
...
Default chunk size is very small. Try to upload whole file at once.
If file is big then set chunk size to 8MB.
For me this reduces required time to upload 10MB file from ~115 secs
to ~13.
2017-03-08 19:40:24 +02:00
Oleksii Shevchuk
1112b0ad0c
Improve pp/bind launcher
...
1. Apply autopep8
2. Simplify exception handling
3. Do not throw SystemExit, it doesn't work for bind launcher. Just
exit.
2017-03-08 19:40:24 +02:00
n1nj4sec
72d41e7fe3
add python3 warning
2017-02-22 16:51:50 +01:00
n1nj4sec
6a6e2d0cb3
Update README.md
2017-02-10 23:53:52 +01:00
n1nj4sec
a7be5db76d
little README refresh
2017-02-10 23:39:51 +01:00
n1nj4sec
5cc8001b96
nbnspoof module (tested on windows only)
2017-02-10 23:01:43 +01:00
n1nj4sec
6a21b81c81
remove deprecated module (replaced by persistence.py)
2017-02-10 22:59:47 +01:00
n1nj4sec
ee4b16b026
Merge branch 'master' of https://github.com/AlessandroZ/pupy
2017-02-10 22:55:37 +01:00
n1nj4sec
636d869017
Merge branch 'portscan' of https://github.com/AlessandroZ/pupy
2017-02-10 22:54:52 +01:00
n1nj4sec
b9e95c59a2
Merge branch 'lazagne' of https://github.com/AlessandroZ/pupy
2017-02-10 22:54:15 +01:00
n1nj4sec
4d27af74ec
Merge branch 'cd' of https://github.com/AlessandroZ/pupy
2017-02-10 22:53:57 +01:00
n1nj4sec
dd176f8b44
Merge branch 'ps' of https://github.com/AlessandroZ/pupy
2017-02-10 22:53:38 +01:00
n1nj4sec
83765c7657
Merge branch 'master' of https://github.com/quentinhardy/pupy
2017-02-10 22:53:32 +01:00
AlessandroZ
b6488d42a1
checkvm for mac os - remote function
2017-02-10 12:01:57 +01:00
AlessandroZ
a630a79435
checkvm for mac os
2017-02-10 12:01:29 +01:00
AlessandroZ
e6ae5bf4f4
print big hashes on db (even if false positives are printed)
2017-02-09 18:18:56 +01:00
AlessandroZ
8dcc24450c
manage hash from mac os
2017-02-09 18:18:38 +01:00
AlessandroZ
db8dfc7765
retrieve hash from mac os system
2017-02-09 18:18:21 +01:00
AlessandroZ
a821714667
sudo alias - symbolic link
2017-02-09 17:37:03 +01:00