The Socket Attack Simulation is a scenario-based application that simulates a network attack environment. It consists of two sockets: an attacker socket built with Nest.js and a target socket built with Express.js. The purpose of this simulation is to demonstrate various attack techniques and their potential impact on a target system, while also monitoring the target's status and automatically restarting it if it crashes.
Understanding network security vulnerabilities and the consequences of network attacks is crucial in today's interconnected world. This simulation addresses the need for hands-on experience in identifying potential attack vectors, monitoring system status, and implementing recovery mechanisms.
When the target socket starts running, it notifies the attacker socket that it has registered on the system and is currently running. The attacker socket saves the new target's information to a database and starts monitoring its status.
The attacker socket can initiate a request to capture a screenshot of the target system's display, providing a visual representation of the target's current state.
The attacker socket has the capability to control the target system's mouse remotely, allowing for interaction with the target's graphical user interface.
The attacker socket can initiate file downloads from the target system, providing access to specific files or directories within the target's storage.
The attacker socket can retrieve a comprehensive list of file paths within the target system's storage, enabling reconnaissance and potential exploitation.
The attacker socket can send Python programs to the target system and execute them. This feature provides the ability to run custom Python code on the target, expanding the range of possible actions and capabilities.
Each target socket sends a periodic "alive" signal to the attacker socket every 5 seconds, indicating that it is still operational. If a target socket crashes, the attacker socket automatically detects it and initiates the restart process.
Install with npm
cd .\attacker\
npm install
cd '..\target 1\'
npm install
cd .\attacker\
npm run start:dev
cd '..\target 1\'
npm run start:dev
GET /api
GET /target
GET /target/screenshot/:targetId
Parameter | Type | Description |
---|---|---|
targetId |
string |
Required. |
GET /target/move-mouse/:targetId
Parameter | Type | Description |
---|---|---|
targetId |
string |
Required. |
GET /target/download-files/:targetId?path=<path>
Parameter | Type | Description |
---|---|---|
targetId |
string |
Required. |
path |
string |
Required. |
GET /target/ls/:targetId?path=<path>
Parameter | Type | Description |
---|---|---|
targetId |
string |
Required. |
path |
string |
Required. |
POST /target/upload-file/:targetId
Parameter | Type | Description |
---|---|---|
targetId |
string |
Required. |
file.py |
Form-Data |
Required. |