Open rootabeta opened 4 years ago
Great idea, I am working on designing the protocol and the architecture.
Released in v1.4.3.
`Tunnel Create Pull 192.168.0.1 22 127.0.0.1 4444` is equivalent to `ssh -L 4444:192.168.0.1:22`.
Can you please also provide an example for the push, dynamic and internet modes? Also, to create a tunnel the upgrade command is mandatory, but what if the established connection is already TLS? I mean:
TLS client -> TLS server -> Platypus
There is no need to upgrade the session, and creating a tunnel is not possible. It would be really nice to be able to create a tunnel even with a non-upgraded session, like a simple netcat, for example, could do. Or even better, it would be nice to encrypt just the new tunnel rather than the entire session of the victim to create a new one (if I understood correctly how the upgrade/tunnel commands work). Something like this:
TLS client -> TLS server -> Platypus -> Tunnel [Create|Delete] [Pull|Push|Dynamic|Internet] [Src Host] [Src Port] [Dst Host] [Dst Port] [TLS|NOT ENCRYPTED] [TCP|UDP]
If you can explain how the upgrade and tunnel commands work I can give a more accurate idea and point you to a correct suggestion(:
It would be nice to be able to use compromised targets as proxies to allow pivoting into a target's network. This feature would greatly improve the utility of the tool and enable it to be used as a flexible and powerful C2 framework for pentesting engagements.