admin/TripleCross
1
0
Fork 0
mirror of https://github.com/h3xduck/TripleCross.git synced 2025-12-17 07:33:07 +08:00
Code Issues Packages Projects Releases Wiki Activity

Modified client options once again for screenshots

Browse Source
This commit is contained in:
h3xduck
2022-06-15 18:42:31 -04:00
parent b284581712
commit bdda5c4269
3 changed files with 17 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
docs/chapters/chapter4.tex
View File

@@ -1058,6 +1058,19 @@ After the requested modifications are made, the TC program passes the packet to
The rootkit client is a CLI program which the attacker can use from its own machine to communicate with the rootkit remotely over the network and execute commands using the C2 infraestructure. This section details its functionality and presents how it can be used to connect to the rootkit. The rootkit client is a CLI program which the attacker can use from its own machine to communicate with the rootkit remotely over the network and execute commands using the C2 infraestructure. This section details its functionality and presents how it can be used to connect to the rootkit.
\subsection{Client manual} \subsection{Client manual}
The rootkit client is compiled to a single executable named \textit{injector}. This file must be run indicating which operation the attacker wants to issue to the attacker. Figure \ref{fig:client_help} shows the options which the client has available.
\begin{figure}[htbp]
\centering
\includegraphics[width=15cm]{sch_client_help.png}
\caption{Program options for rootkit client.}
\label{fig:client_help}
\end{figure}
The rootkit client needs to be executed as root, since the library RawTCP_Lib it uses requires privileges for some of its functionalities.

BIN
docs/images/sch_client_help.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 51 KiB

8
src/client/client.c
View File

@@ -42,16 +42,16 @@ void print_help_dialog(const char* arg){
char* desc = "Send a secret message to IP (PoC)"; char* desc = "Send a secret message to IP (PoC)";
printf("\t%-40s %-50s\n\n", line, desc); printf("\t%-40s %-50s\n\n", line, desc);
line = "-c IP"; line = "-c IP";
desc = "Activate plaintext pseudo-shell with IP - Using execve backdoor"; desc = "Spawn plaintext pseudo-shell with IP - using execution hijacking";
printf("\t%-40s %-50s\n\n", line, desc); printf("\t%-40s %-50s\n\n", line, desc);
line = "-e IP"; line = "-e IP";
desc = "Activate encrypted pseudo-shell with IP - with pattern-based trigger"; desc = "Spawn encrypted pseudo-shell with IP - with pattern-based trigger";
printf("\t%-40s %-50s\n\n", line, desc); printf("\t%-40s %-50s\n\n", line, desc);
line = "-s IP"; line = "-s IP";
desc = "Activate encrypted pseudo-shell with IP - with multi-packet trigger"; desc = "Spawn encrypted pseudo-shell with IP - with multi-packet trigger";
printf("\t%-40s %-50s\n\n", line, desc); printf("\t%-40s %-50s\n\n", line, desc);
line = "-p IP"; line = "-p IP";
desc = "Launch a phantom shell - with pattern-based trigger"; desc = "Spawn a phantom shell - with pattern-based trigger";
printf("\t%-40s %-50s\n\n", line, desc); printf("\t%-40s %-50s\n\n", line, desc);
line = "-a IP"; line = "-a IP";
desc = "Activate all of rootkit's hooks"; desc = "Activate all of rootkit's hooks";