external_c2_framework icon indicating copy to clipboard operation
external_c2_framework copied to clipboard
verified publisher icon Und3rf10w

commonUtils.prepData() breaks compatibility with certain transports that require batch encoding of data

Open Und3rf10w opened this issue 7 years ago • 2 comments

In cases where a transport needs to encode data in batches, commonUtils.prepData() prevents them from working. An example usecase for this can be seen with #12, where we can't build an array of encoded data (e.g. extremely large images) BEFORE uploading it, because we would potentially have to store GBs worth of data in memory; which as can be seen in the photo below, can quickly over-consume resources on the system.

image

Workaround

Until this is resolved, a simple workaround exists by modifying the sendData() and retrieveData() functions in commonUtils.prepData(), as shown below:

def sendData(data):
	# This will upload the data via the covert channel
	# returns a confirmation that the data has been sent

	if config.debug:
		print (color("RAW DATA TO BE SENT: ", status=False, yellow=True) + "%s") % (data)
	# Prepares the data to be sent via the covert channel
	# preped_data = prepData(data) # < --- Commented this line out

        transport.sendData(data) # < ---- Added this line in

def retrieveData():
	# This will retireve data via the covert channel
	# Returns unencoded data

	data = transport.retrieveData()

	if config.debug:
		print (color("RAW RETRIEVED DATA: ", status=False, yellow=True) + "%s") % (data)

	# Prepare the recieved data by running it through the decoder
	# preped_data = decodeData(data)  # < --- Commented this line out

	# return preped_data # < --- Commented this line out
	return data # < ---- Added this line in

Und3rf10w avatar Jan 29 '18 22:01 Und3rf10w

I just realized that if the project standardized on transports being responsible for interfacing with the encoder, instead of a framwork component, then this would resolve the problem entirely in a simple manner. There's no need for a component to care how the data needs to be handled once it's passed off to the transport.

Because a transport shouldn't ever need to support both batch and normal encoding of data, the logic for a transport will ALWAYS be handled correctly, so long as the transport handles the interfacing with the encoder. Even in the event that's required, that's something that can be done by the author of the transport.

Und3rf10w avatar Feb 14 '18 04:02 Und3rf10w

Use importlib.import_module() (https://docs.python.org/2/library/importlib.html), need to rewrite the importModule() function.

Und3rf10w avatar Mar 21 '18 04:03 Und3rf10w