A framework for Remote Code Execution Agent programming.
What is it?
This python package automatically handles all communication channel options, like encryption, chunking, steganography, etc.
With all those set with a few lines of code, a programmer can spend time creating the actual payloads, persistence mechanisms, shellcodes and generally more creative stuff!!
Security programmers can stop re-inventing the wheel (implementing encryption mechanisms both agent-side and handler-side) and spend their time developing more versatile agents and, generally, feature-rich shells!
Yes, python, and more specifically python 2.7 only, for the time being...
NO! Absolutely no dependencies, only pure python built-ins! The entropy package is required for the tests though. This is a package's requirement, to ensure good flow when compiling in executable binaries.
Messages are all things that mean something to the listener. Messages travel through communication channels, and they have to be unaware of the channel they are travelling in. In other words, messages have to be independent of the means of their transportation.
- If the communication channel can handle low length byte-chunks per "burst", the message has to be chunked.
- If the communication channel filters certain byte arrays (IDS/IPS, NextGen Firewalls).
The Stream is a tag that gives certain context to the message. It can be defined and used for arbitrary reasons. Streams, for example, can be used to separate Shell Commands from
Orchestrators are the core of data manipulation in covertutils. They handle all data transformation methods to translate raw chunks of data into Stream-Message pairs.
Handlers tie together the raw byte input/output with the orchestrators to provide an interface of:

    import os

    # Called by the Handler once a complete message has been reassembled
    def onMessage( message, stream ) :
        if stream == 'shell' :
            os.system( message )
A shell interface with prompt and stream control can be spawned from a Handler instance with:

    (covertutils v0.2.1)[control]>
    (covertutils v0.2.1)[control]> !main
    (covertutils v0.2.1)[main]> <Ctrl-C>
    Really Control-C [y/N]? y
    Aborted by the user...
Networking is not handled by covertutils, as python provides a great built-in networking API (directly inherited from C). The only requirements for covertutils Handlers are 2 functions wrapping the raw data sending and receiving.
Just pass a send( raw ) and a recv() function to a Handler and you have a working One-Time-Pad encrypted, bandwidth aware, protocol independent, password protected channel.
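The message / stream / handler relationship described above, as an added toy illustration (not covertutils code and not its API, and with no encryption): a message is split into fixed-size chunks tagged with its stream, pushed through plain send/recv wrappers, and reassembled into a (message, stream) pair for the callback. ToyHandler, to_chunks, the 16-byte chunk size, the header layout and the sample messages are assumptions made for this example, which is written for Python 3.

```python
import collections
import struct

CHUNK = 16                              # bytes per "burst" (assumed channel limit)
HEADER = struct.Struct("!BBB")          # stream tag, payload length, last-chunk flag
STREAMS = {"control": 0, "shell": 1}    # hypothetical stream names -> numeric tags
NAMES = {v: k for k, v in STREAMS.items()}

def to_chunks(message, stream):
    """Split a message into constant-size chunks, each tagged with its stream."""
    room = CHUNK - HEADER.size
    parts = [message[i:i + room] for i in range(0, len(message), room)] or [b""]
    out = []
    for n, part in enumerate(parts):
        head = HEADER.pack(STREAMS[stream], len(part), int(n == len(parts) - 1))
        out.append((head + part).ljust(CHUNK, b"\x00"))   # pad to CHUNK bytes
    return out

class ToyHandler(object):
    """Ties send/recv wrappers to an on_message(message, stream) callback."""
    def __init__(self, recv, send, on_message):
        self.recv, self.send, self.on_message = recv, send, on_message
        self.partial = collections.defaultdict(bytes)     # per-stream reassembly

    def send_message(self, message, stream):
        for chunk in to_chunks(message, stream):
            self.send(chunk)

    def pump(self):
        """Consume one raw chunk; fire on_message when a message completes."""
        raw = self.recv()
        if len(raw) != CHUNK:
            raise ValueError("chunk must be exactly %d bytes" % CHUNK)
        tag, length, last = HEADER.unpack(raw[:HEADER.size])
        if tag not in NAMES or length > CHUNK - HEADER.size:
            raise ValueError("malformed chunk header")
        self.partial[tag] += raw[HEADER.size:HEADER.size + length]
        if last:
            self.on_message(self.partial.pop(tag), NAMES[tag])

def demo():
    wire, seen = collections.deque(), []                  # in-memory "network"
    a = ToyHandler(wire.popleft, wire.append, None)       # sending side
    b = ToyHandler(wire.popleft, wire.append, lambda m, s: seen.append((s, m)))
    a.send_message(b"status report from the agent", "control")  # constructed sample
    a.send_message(b"", "shell")                          # empty-message edge case
    while wire:
        b.pump()
    return seen
```

Because reassembly is keyed on the stream tag, chunks of different streams can be interleaved on the wire without corrupting each other.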
Sample TCP/UDP Reverse Shells and TCP Bind Shell scripts can be found in
Certainly! All pull requests that are tested and do not break the existing tests will be accepted! Especially Pull Requests towards Python2/Python3 compatibility will be greatly appreciated!