cSploit / android

cSploit - The most complete and advanced IT security professional toolkit on Android.
http://www.csploit.org/
GNU General Public License v3.0
3.29k stars 1.1k forks

cSploit 2 architecture #597

Open tux-mind opened 8 years ago

tux-mind commented 8 years ago

I received an email from a guy that wants to join the dev team.

I replied with the following email; I just want to share it with you. I'm looking forward to receiving your comments and suggestions, especially from my loved contributors ( @cSploit/core-devs @cSploit/android-devs @cSploit/translators ).


As I told you, I really love the project but I'm overloaded with work to fill my fridge, besides lessons and exams for my master's degree. I would really appreciate any help in maintaining/developing cSploit.

I have a lot of ideas that will make it more flexible and cross-platform.

As of now I've started working on a new fragmented layout of the app. But combining what I learned from school and work with the huge amount of work needed to switch to this new layout makes me think about a new architecture for the whole app.

First let me explain a bit how the app worked, how it works and what my thoughts for the future are.

The old dSploit

dSploit was entirely written in Java, using the Android SDK. It used some prebuilt binaries along with some built-from-source ones to have the hackers' must-have tools ( arpspoof, nmap, hydra, ettercap ... ). Then it spawned a su shell each time a command was issued.

We encountered many problems, like dynamic library loading restrictions, limitations on su shells opened in a certain time window and so on... One of the major ones was the MitM performance: when a lot of traffic passed through dSploit, it could not handle that load.

The current cSploit

The idea behind cSploit is to rewrite the "problematic stuff" of the app in C (hence the new app name). As of now there is a daemon ( cSploitd ) that just manages child processes. The Java app connects to it via a unix socket ( using a native library ) and uses it to spawn processes and get their results. This is a very "old school" architecture, hard to maintain, hard to add a new tool to our set and so on.

I probably made a bad choice when I was forced to abandon the dSploit project as it was merged into zAnti.

My thoughts for the future

I'm working pretty much with web apps now and I saw how awesome it is to have a fully decoupled system. Having an API server and a thin frontend makes everything clean and easily maintainable.

So I was thinking about using this architecture for cSploit, using a REST daemon that crunches data and does the whole work, alongside a thin client that just represents the data from the daemon.

For the frontend I was looking at AngularJS and Cordova. For the backend I was looking at Go.

AngularJS, HTML5, CSS3 will enable us to provide a web client for the daemon (responsive [PC, mobile, tablet]). Cordova ( and maybe Ionic ) will then take care of turning this web app into a mobile app for any kind of mobile platform ( Android, iOS, BlackBerry, Windows Phone ... ).

For the backend I was looking at Go because the alternatives just do not fit well with Android and its performance is simply awesome. I love the idea of having a compiled daemon ( this is because I designed cSploit daemon in C ), it just runs very fast! Now, thanks to Go, we can have a native program written in a high-level language!

Conclusions

I'm looking forward to resuming working on the project, really, but now I have to finish my jobs and follow my courses. There is a kind guy who is about to send me a Thinkpad to work better when I'm not at home ( most days ). I hope to get back to writing code as I resume my courses ( just tomorrow xD ), but it depends on my workload.

So, if you can help me in any way I will really appreciate it. Tell me your skills and super-powers, there is very much to do.

Feel free to suggest anything you want, I'm really open to hints and I will do my best to fit your needs.

Rubenoo commented 8 years ago

Hey our beloved @tux-mind, it's great to have you back! How did your exams go? Anyway, I would like to keep helping to keep the project updated in my native language. Once I learn how to code in the future I will help to make this project as good as possible! Greetings Ruben

EDIT: Will you be hanging out on the cSploit IRC soon? Because I've got some questions. If you could answer then that would be great :)

ETeissonniere commented 8 years ago

Hey @tux-mind, I think the web server will have a problem: we won't be able to run it from Android, right? So, we will be able to test only the network connected to the web server... By the way, sorry for being useless at the moment but I have a LOT to do (French exams for mine :angry: )

daniloscala commented 8 years ago

@tux-mind, thanks for the great work, love this app, keep this. I can help translate PT-BR and PT-PT.

jorge705 commented 8 years ago

@tux-mind, I can help translate to Spanish

fabinhojcr commented 8 years ago

@daniloscala @jorge705 you are welcome.

DominikTV commented 8 years ago

I'm open to anything new. Maybe you can create an early draft to show your ideas? Also I can translate to German :smiley:

muhviehstah commented 8 years ago

I can translate to German. I am a system engineer so I can be a tester if needed.

ETeissonniere commented 8 years ago

I might translate to French.

jorge705 commented 8 years ago

We can use this page for translations:

https://crowdin.com/

0MazaHacka0 commented 8 years ago

Can translate to Russian, and can test this app on my 4.1, 4.4, 5.0, 5.1, 6.0 Android. I have the phone with this OS.

raynommo commented 8 years ago

Have you considered opening a patreon account? cSploit is a great tool, and I bet there would be a lot of people to support your work.

tux-mind commented 8 years ago

@raynommo thanks for the suggestion, but I prefer to keep our contributions as donations.

A crowdfunding campaign implies guaranteeing that, after a certain target of money has been reached, I will work on the project and make a usable product in a certain time. Due to school and work I cannot work on cSploit full-time, so I cannot give you those guarantees.

BTW I just got some new toys!

I'm looking forward to learning Go and starting to write the new core :blush:

tux-mind commented 8 years ago

@DeveloppSoft no worries about where the server is.

As of now cSploit already "uses" a web server on your phone, just think about the MitM tools. So it's not a problem to host a server on your phone, especially when that server is written in Go, which uses so few resources :grin:

This architecture is meant to let you install the cSploit daemon on a device ( say, a Raspberry PI ), attach it to the network and control it from your phone, with :heart:

raynommo commented 8 years ago

Well, patreon is not quite "crowdfunding". I saw people there, that were video-blogging travelling to other countries, or just writing games and stuff. It's not like kickstarter or indiegogo. On patreon people support you, because they love your work, that's all really. It can prove to be a source of mediocre income now and then. PS: I'm glad to know you're still enthusiastic about cSploit.

tux-mind commented 8 years ago

@raynommo I will set up an account on patreon soon then :blush:

Thanks for your interest and precious suggestions :heart:

Anyway, I just resumed fixing bugs in the current version of cSploit.

I've already started learning the Go language for writing the new daemon :yum:

ETeissonniere commented 8 years ago

Hey @tux_mind, just found this: github.com/kr/mitm (might be useful for... MitM).

tux-mind commented 8 years ago

https://patreon.com/user?u=3082918 with :heart:

ETeissonniere commented 8 years ago

@tux_mind, here is something for you: https://github.com/xiam/hyperfox.

tux-mind commented 8 years ago

@DeveloppSoft thank you for the references.

I've sent an email to some of the developers of the projects you pointed out to me.

The hyperfox codebase is quite crappy ( spaghetti code ). I found kr/mitm very interesting; sadly it lacks some goodies that are in development as PRs as of now.

Right now I'm designing the model of cSploit.

we used to have the Target class to manage hosts, gateways, networks and remote websites. It's time to clean up the things :wink:

jonniex7 commented 8 years ago

Go tux mind!! We are with you!!!

Silur commented 8 years ago

I will definitely spend my time rewriting my whole android branch in Kotlin to reduce code size and protect our "most advanced and modern" philosophy, and also include some new attack vectors like site clone phishing and offline attacks like badUSB

tux-mind commented 8 years ago

@Silur :heart:

but I have to suggest that you not proceed, cSploit 2 for Android will be a simple web client... As you can see from one of my tweets, I'm designing the new model and drawing the foundation of version 2.

So, you'll rewrite something that will be deprecated shortly...

Right now I'm designing the MitM model. I've started tracking down the current features of cSploit MitM and our wishes:

For phishing I was looking at gophish; I have to study the way it works to understand which kind of data we have to store.

For traffic analysis I was looking at xplico and its capanalysis project; it looks very promising and does exactly what we need!

So, guys, fasten your belts, I want to rock this party xD

ETeissonniere commented 8 years ago

@tux_mind is there a way to help you design cSploit 2?

evertking commented 8 years ago

Where is the best place to keep up with the project so I don't have to clutter here? Are the nightly releases still going on? What is this about a cSploit 2?

tux-mind commented 8 years ago

@DeveloppSoft I'll post pics of my sketches on twitter, so you can review and comment on them :wink:

@evertking I'm going to tweet short news with my twitter account, just follow me to see them :blush:

0MazaHacka0 commented 8 years ago

@tux-mind I think cSploit 2 will be a great app, only if we can use it without Internet. For example, at my school I have a wifi with no connection to the Internet. But using Metasploit on a PC I can hack PCs on this wifi.

tux-mind commented 8 years ago

@0MazaHacka0 thank you for your suggestion!

cSploit will have a heavy integration with MSF, but I'll keep it optional. The default setting for cSploit is to use a locally installed MSF. For mobile platforms like Android, cSploit will contain all the needed stuff, no more separate updates.

This way you'll get all the power of the MSF with cSploit even without internet :yum:

I've just finished designing the model, I'll post a photo of the entire thing ASAP to obtain your suggestions.

I'll start to implement it soon :wink:

What are your suggestions about versioning? The cSploit APK will contain those 3 components with their own versions:

What should we use as the APK version?

Thank you for your help and for getting in touch with me :heart:

ETeissonniere commented 8 years ago

@tux_mind I think it can be 2.0.0 Release Codename: MegaTux :smile:

tux-mind commented 8 years ago

@DeveloppSoft nice suggestion :laughing: :laughing: :laughing:

I prefer numbers rather than names :grin:

I was talking about which versioning algorithm to use.

If we update the "core" component from 1.0 to 1.1 what should be the corresponding change in the apk version?

I think that the Android apk will be a totally different project with its own version number. Long story short, the apk will be a bundle of components with some script to install them.

Also I will drop the update features to use only F-droid. KISS :wink:

pahapoika commented 8 years ago

@tux-mind I always use 66.6 as my apk version and name is fin.null.null (fin cuz I'm from Finland and null.null cause my friends lg can't handle it :)

I still would like to see metasploit payload generator in csploit 2.0 (As there is in Kali Nethunter) https://github.com/cSploit/android/issues/579

LikeZer0 commented 8 years ago

Hi @tux-mind

I want to thank you for all the hard work you do, and tell you that cSploit is actually the most amazing app that I've ever used! If you need an Italian translator for your project I'm up! I'm also "getting started" with the Android SDK and I'd love to help you with testing the app!

0MazaHacka0 commented 8 years ago

Guys, more than 14 people in this post and nobody can donate to tux_mind? Why? Just 1 dollar.

Somebodyhura commented 8 years ago

@tux-mind well for version... I have 3 suggestions... Before that assume cSploit client is 2.1.5 and core at its 18th update and MSF at 1.7 for example...

Suggestion #1: cSploit 2.1.5 Build 18 M1.7

OR

Suggestion #2: cSploit C217B18M17

OR

Suggestion #3: cSploit 2.1.7_B18_M1.7

cobrax1 commented 4 years ago

> @tux-mind well for version... I have 3 suggestions... Before that assume cSploit client is 2.1.5 and core at its 18th update and MSF at 1.7 for example...
>
> Suggestion #1: cSploit 2.1.5 Build 18 M1.7
>
> OR
>
> Suggestion #2: cSploit C217B18M17
>
> OR
>
> Suggestion #3: cSploit 2.1.7_B18_M1.7

still waiting for csploit 2.1.7 :') even the last release has many bugs :3 broo for real we need u to come back, google is shutting down every good app out there :3 we really need u bro :') ( is there any way to contact u? got many ideas )

muhviehstah commented 4 years ago

use metasploit on nethunter

cobrax1 commented 4 years ago

> use metasploit on nethunter

I think the project is dead, now there's another tool they said it's better than nethunter, andrax, if u heard about it, few days ago there was a new release

pahapoika commented 4 years ago

> > use metasploit on nethunter
>
> i think the project is dead , now there's another tool they said it's better than nethunter , andrax , if u heard about it , few days ago there was a new release

Yeah no. Their website is filled with ridiculous marketing like "Hack everything in everywhere", no source code is actually public and overall it just doesn't look legit at all. nethunter is still maintained in GitLab.