Bidirectional channel? #5
Comments
|
It is a valid issues and it had not yet had an open ticket but it is intended for some of the exfiltration methods. Would you like to send back strings or files? |
|
I think he is talking about sending back commands to the "sending" client, TBH this shouldn't be too hard for ICMP and HTTP, but, for the UDP based protocols I believe this is impossible. |
|
@bararchy is correct in understanding, effectively, the ability to upload/download files, run commands and recieve output, etc. That way one could write plugins in Python, have them ran using exec() or similar and have output passed back for more implant functionality. Would probably be a bit outside the scope of exfil alone, but a very, very cool thing :) It actually is possible to do this over DNS - see https://github.com/rwhitcroft/dnschan :) |
|
It is very possible. It is in one of the next stages. Practically it is already built just needs a bit tweaking with the current 2 module. These are one of the next mile stones after we finish basic QA we can turn this into a more robust platform and then not only file but also "regular strings" with verification will be possible. |
|
Seems solved. |
Could this be extended to be a bidirectional C&C channel, or is it just for sending output at the moment?
Apologies if silly question, have not yet had time to RTFC :P but seriously, nice work :D
The text was updated successfully, but these errors were encountered: