Closed kmroz closed 2 years ago
https://github.com/alphasoc/flightsim/issues/28 https://github.com/alphasoc/flightsim/issues/21
@tg I think this is ready for a first look. I still need to push some changes to sandbox. Will do that in a bit. Thanks!
Regarding the build, it looks like code checkout failed in circleci. I'll have a look tomorrow.
Will also think about some tests, but most of this is connection setup and leveraging clap-sftp packet parsing.
Probably worth bumping up golang version in circleci to something newer as well.
./flightsim run ssh-transfer:1MB
...
12:11:03 [ssh-transfer:1MB] Preparing to send randomly generated data to a standard SSH port
12:11:03 [ssh-transfer:1MB] Simulating an SSH/SFTP file transfer of 1048576B (1.00MB) to 127.0.0.1:22
...
./flightsim run ssh-exfil:1MB
...
12:11:11 [ssh-exfil:1MB] Preparing to send randomly generated data to a non-standard SSH port
12:11:11 [ssh-exfil:1MB] Simulating an SSH/SFTP file transfer of 1048576B (1.00MB) to 127.0.0.1:465
...
./flightsim run ssh-exfil:1MB
...
12:11:20 [ssh-exfil:1MB] Preparing to send randomly generated data to a non-standard SSH port
12:11:20 [ssh-exfil:1MB] Simulating an SSH/SFTP file transfer of 1048576B (1.00MB) to 127.0.0.1:587
...
./flightsim run ssh-exfil:1MB
...
12:11:23 [ssh-exfil:1MB] Preparing to send randomly generated data to a non-standard SSH port
12:11:23 [ssh-exfil:1MB] Simulating an SSH/SFTP file transfer of 1048576B (1.00MB) to 127.0.0.1:995
@tg @ioj - rebased this on top of master.
The ssh-transfer module simulates SSH/SFTP file writes by generating 'random' data, and sending this data using the SFTP protocol to a running instance of alphasoc's sandbox server.
The ssh-exfil makes use of ssh-transfer, but 'randomly' selects an agreed upon list of non-standard SSH ports to test SSH exfiltration.