covertutils: A framework for Backdoor programming!
Blog Post in Securosophy describing some internals
What is it?
This Python package automatically handles all communication channel options, like encryption, chunking, steganography, etc.
With all those set up in a few lines of code, a programmer can spend time creating the actual payloads, persistence mechanisms, shellcodes and generally more creative stuff!!
Security programmers can stop re-inventing the wheel of implementing encryption mechanisms on both the agent side and the handler side, and spend their time developing more versatile agents and generally feature-full shells!
Python?
Yes, Python, and more specifically Python2.7 only, for the time being…
But why Python2?
Several reasons. Mostly because Python2 is more popular among devices (IoT devices, old Linux servers, etc), and backdoor code could run as-is on them, without Freezing, Packing, PyInstalling, etc. Backdoors are valuable when they are as cross-platform as possible. Macs, for example, do not have Python3 installed by default. If you want covertutils in Python3, do not complain, read this reddit flame war dodging and start PRing…
Dependencies?
NO! Absolutely no dependencies, only pure Python built-ins! The entropy package is required for the tests though. Having no dependencies is a requirement of the package, to ensure a smooth flow when compiling into executable binaries.