WangYihang/Platypus

[Feature Requests] Encryption support.

Opened this issue · 2 comments

Deleted user commented

Description

I would like for the platypus listener to support encryption such as AES or SSL.
Describe your problem here

The Platypus server currently does not support encryption which means the commands are send in cleartext over the network.

Reproduce

  1. go run platypus.go
  2. Run 0.0.0.0 8080
    ...
  3. Encrypt [hash of listener] /path/to/ssl.crt /path/to/ssl.key

Expected behavior

The entire connection has end to end encryption

Current behavior

The connection can be eavesdropped by anyone using a wire sniffer.

Screenshots/Terminal log

Environments

  • OS: Ubuntu 18.04.1 LTS
  • Version: 1.1.0
WangYihang commented

Got it, nice idea, I will add this idea into TODO list. thank you so much!

WangYihang commented

This feature was supported in the latest version, namely v1.4.1.
Now, Platypus will start two different listeners by default,

  • 13338 for raw reverse shell listener, which provides an Upgrade Button on the client. It will upgrade the client to the TLS encrypted channel.
  • 13337 for the private encrypted channel.

Demostration

encrypted2

As you can see, the data is encrypted via TLS3.

image

Thank you for requesting this feature, feel free to try it and leave some feedback. @ghost