ytisf/PyExfil

Bidirectional channel?

0x27 opened this issue · 5 comments

0x27 commented

Could this be extended to be a bidirectional C&C channel, or is it just for sending output at the moment?

Apologies if silly question, have not yet had time to RTFC :P but seriously, nice work :D

It is a valid issue and it has not yet had an open ticket, but it is intended for some of the exfiltration methods. Would you like to send back strings or files?

I think he is talking about sending back commands to the "sending" client. TBH, this shouldn't be too hard for ICMP and HTTP, but for the UDP-based protocols I believe this is impossible.

0x27 commented

@bararchy is correct in understanding: effectively, the ability to upload/download files, run commands and receive output, etc. That way one could write plugins in Python, have them run using exec() or similar, and have output passed back for more implant functionality. Would probably be a bit outside the scope of exfil alone, but a very, very cool thing :)

It actually is possible to do this over DNS - see https://github.com/rwhitcroft/dnschan :)

It is very possible. It is in one of the next stages. Practically, it is already built; it just needs a bit of tweaking with the current 2 modules. This is one of the next milestones: after we finish basic QA we can turn this into a more robust platform, and then not only files but also "regular strings" with verification will be possible.

ytisf commented

Seems solved.