This project consists of a server and a client implementation. The server uses Flask and Python's socket
and threading
libraries to manage connections, handle file transfers, and execute commands on connected agents. The client connects to the server, receives commands, executes them, and handles file transfers. The project also includes a web interface for managing agents.
- Installation
- Usage
- Features
- Configuration
- Endpoints
- Client Functionality
- Web Interface
- Contributing
- License
- Acknowledgements
- Contact Information
- Python 3.6+
- Flask
-
Clone the repository:
git clone https://github.com/Surajkumarsaw1/CypherC2.git cd CypherC2
-
Install the required packages:
pip install -r requirements.txt
-
Create the uploads directory if it doesn't exist:
mkdir -p uploads
-
Run the server:
python server.py
-
Run the client (in a separate terminal):
python client.py
Run the following command to start the server:
python server.py
Agents can connect to the server at 127.0.0.1:1234
.
Commands can be sent to agents via the Flask web interface. Navigate to http://127.0.0.1:5000
to interact with the agents.
Run the following command to start the client:
python client.py
- Handles multiple agent connections using threads.
- Allows sending and receiving commands to/from agents.
- Supports file transfers with chunk verification and hash validation.
- Provides a web interface to manage agents and execute commands.
The server and client configuration parameters can be adjusted in their respective files:
ip_address
: The IP address of the server (default is'127.0.0.1'
).port_number
: The port number for the socket server (default is1234
).UPLOAD_FOLDER
: Directory for storing uploaded files (default is'uploads'
).RECV_SIZE
: Size of data chunks to receive from agents (default is1MB
).CHUNK_SIZE
: Size of file chunks to send to agents (default is1024 * 1020
).
ip
: The IP address of the server (default is'127.0.0.1'
).port
: The port number for the socket server (default is1234
).RECV_SIZE
: Size of data chunks to receive from the server (default is1MB
).CHUNK_SIZE
: Size of file chunks to send to the server (default is1024 * 1020
).
- Method: GET
- Description: Home page of the web interface.
- Method: GET
- Description: Lists all connected agents with their details.
- Method: GET
- Description: Terminal interface for sending commands to the specified agent.
- Method: POST
- Description: Executes a command on the specified agent.
- Request Body:
{ "command": "your-command" }
- Response:
{ "output": "command-output" }
The client connects to the server at the specified IP and port.
The client waits to receive commands from the server. Commands are expected in a dictionary format.
The client can execute shell commands or handle file transfers based on the received command type.
- The client handles file chunks, verifies their hashes, and reassembles them.
- The client can also send file chunks to the server upon request.
- If the command is to transfer a file, the client reads the file in chunks and sends them to the server.
- If the command is a shell command, the client executes it and sends the output back to the server.
This is the home page of the web interface.
This page lists all connected agents with their details.
This page provides a terminal interface for sending commands to the specified agent.
- Connection Errors: The server and client handle connection errors using try-except blocks to catch
ConnectionError
exceptions. When a connection error occurs, a message is printed, and the connection is closed gracefully. - Invalid Commands: If the client receives an invalid command format, it catches
SyntaxError
andValueError
exceptions, logs an error message, and continues to wait for valid commands. - File Handling Errors: Errors that occur during file operations (e.g., reading or writing files) are caught and logged. The client sends an appropriate error message back to the server.
- Input Validation: The client uses
ast.literal_eval
to safely parse commands from the server, ensuring that only valid Python literals are processed. - File Handling: When transferring files, the client and server verify the integrity of file chunks using SHA-256 hashes. This helps prevent data corruption and ensures that the transferred files are intact.
- Command Execution: The client executes shell commands with caution, capturing both standard output and standard error to prevent unexpected behavior.
- Fork the repository.
- Create a new branch:
git checkout -b feature-branch
- Make your changes.
- Commit your changes:
git commit -m "Description of changes"
- Push to the branch:
git push origin feature-branch
- Create a pull request.
This project is licensed under the Limited MIT License. See the LICENSE file for details.
- Thanks to the contributors of Flask and Python for their wonderful libraries.
For any questions or support, please contact Contact Me.