Commit

Added instructions for the new feature
Dliv3 committed Jun 10, 2019
1 parent 30bca22 commit c27e154
Showing 2 changed files with 41 additions and 16 deletions.
28 changes: 20 additions & 8 deletions README-en.md
Expand Up @@ -21,6 +21,7 @@ You can use venom to easily proxy network traffic to a multi-layer intranet, and
- ssh tunnel
- interactive shell
- upload and download file
- network traffic encryption
- supports multiple platforms(Linux/Windows/MacOS) and multiple architectures(x86/x64/arm/mips)

> Since the IoT device (arm/mips/... architecture) usually has limited resources, in order to reduce the size of the binary file, the binaries for the IoT environment do not support port reuse and ssh tunnel, and in order to reduce memory usage, the binaries only support less network concurrency and smaller buffers.
Expand Down Expand Up @@ -121,6 +122,17 @@ cd $GOPATH/src/github.com/Dliv3/Venom
# If you want to turn off iptables port reuse rules
python scripts/port_reuse.py --stop --rhost 192.168.204.135 --rport 80
```
- **network traffic encryption**
Users can specify a password with the `-passwd` option, which is used to generate the key required for AES encryption.
```
# Specify the password as dlive@dubhe with -passwd
./admin_macos_x64 -lport 8889 -passwd dlive@dubhe

# The agent specifies the same password to connect with the admin node
./agent_macos_x64 -rhost 192.168.0.103 -rport 8889 -passwd dlive@dubhe
```
### 2. admin node built-in commands
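Review bot: the new `-passwd` paragraph does not say what happens when the option is omitted or when the admin and agent are started with different passwords, and "used to generate the key required for AES encryption" leaves out how the key is derived from the password and which AES mode is used. A reader deciding whether to rely on this for confidentiality needs to know whether traffic goes out in cleartext by default and whether a password mismatch fails the connection outright; one sentence for each, placed after the option description, would cover it.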
Expand Down Expand Up @@ -246,15 +258,15 @@ cd $GOPATH/src/github.com/Dliv3/Venom
```
(node 1) >>> upload /tmp/test.pdf /tmp/test2.pdf
upload /tmp/test.pdf to /tmp/test2.pdf
upload /tmp/test.pdf to node 1: /tmp/test2.pdf
this file is too large(>100M), do you still want to upload it? (y/n)y
154.23 MiB / 154.23 MiB [========================================] 100.00% 1s
upload file successfully!
```
Download node1's file /tmp/test2.pdf to your local /tmp/test3.pdf
```
(node 1) >>> download /tmp/test2.pdf /tmp/test3.pdf
download /tmp/test2.pdf from /tmp/test3.pdf
download /tmp/test2.pdf from node 1: /tmp/test3.pdf
this file is too large(>100M), do you still want to download it? (y/n)y
154.23 MiB / 154.23 MiB [========================================] 100.00% 1s
download file successfully!
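Review bot: in the download example, the new line `download /tmp/test2.pdf from node 1: /tmp/test3.pdf` attaches `node 1:` to `/tmp/test3.pdf`, but the sentence above the block says `/tmp/test3.pdf` is the local destination and `/tmp/test2.pdf` is the file on node 1. The upload line `upload /tmp/test.pdf to node 1: /tmp/test2.pdf` reads correctly because the remote path follows the node label; the download message should follow the same pattern, for example `download node 1: /tmp/test2.pdf to /tmp/test3.pdf`. If the README is mirroring the tool's actual output, the wording needs fixing in the tool first and then here. The same line appears in the README.md hunk.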
Expand Down Expand Up @@ -292,12 +304,12 @@ cd $GOPATH/src/github.com/Dliv3/Venom
## TODO
- combined with regeorg
- multiple administrator nodes
- network traffic encryption
- support socks5 udp
- RESTful API
- combined with meterpreter (to be discussed)
- [ ] combined with regeorg
- [ ] multiple administrator nodes
- [x] network traffic encryption
- [ ] support socks5 udp
- [ ] RESTful API
- [ ] combined with meterpreter (to be discussed)
## Acknowledgement
29 changes: 21 additions & 8 deletions README.md
Expand Up @@ -22,6 +22,7 @@ Venom可将多个节点进行连接,然后以节点为跳板,构建多级代
- ssh隧道
- 交互式shell
- 文件的上传和下载
- 节点间通信加密
- 支持多种平台(Linux/Windows/MacOS)和多种架构(x86/x64/arm/mips)

> 由于IoT设备(arm/mips/...架构)通常资源有限,为了减小二进制文件的大小,该项目针对IoT环境编译的二进制文件不支持端口复用和ssh隧道这两个功能,并且为了减小内存使用限制了网络并发数和缓冲区大小。
Expand Down Expand Up @@ -120,6 +121,18 @@ cd $GOPATH/src/github.com/Dliv3/Venom
python scripts/port_reuse.py --stop --rhost 192.168.204.135 --rport 80
```

- **节点间通信加密**

Venom提供节点间通信加密功能,用户可通过`-passwd`选项指定密码,该密码用于生成AES加密所需的密钥。

```
# 通过-passwd指定密码为dlive@dubhe
./admin_macos_x64 -lport 8889 -passwd dlive@dubhe
# agent指定相同的密码与admin节点连接
./agent_macos_x64 -rhost 192.168.0.103 -rport 8889 -passwd dlive@dubhe
```

### 2. admin节点内置命令

- **help** 打印帮助信息
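Review bot: both example commands pass the password as a `-passwd` argument on the command line, where it lands in shell history and stays visible to other local users in the process list for as long as the admin or agent runs. The section should say so, and if the binaries can take the password another way (a prompt, a file, an environment variable), the example should show that form instead. The same `dlive@dubhe` value is used in both READMEs, so a line telling users to pick their own password is also worth adding.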
Expand Down Expand Up @@ -237,15 +250,15 @@ cd $GOPATH/src/github.com/Dliv3/Venom

```
(node 1) >>> upload /tmp/test.pdf /tmp/test2.pdf
upload /tmp/test.pdf to /tmp/test2.pdf
upload /tmp/test.pdf to node 1: /tmp/test2.pdf
this file is too large(>100M), do you still want to upload it? (y/n)y
154.23 MiB / 154.23 MiB [========================================] 100.00% 1s
upload file successfully!
```
将node1的文件/tmp/test2.pdf下载到本地的/tmp/test3.pdf
```
(node 1) >>> download /tmp/test2.pdf /tmp/test3.pdf
download /tmp/test2.pdf from /tmp/test3.pdf
download /tmp/test2.pdf from node 1: /tmp/test3.pdf
this file is too large(>100M), do you still want to download it? (y/n)y
154.23 MiB / 154.23 MiB [========================================] 100.00% 1s
download file successfully!
Expand Down Expand Up @@ -283,12 +296,12 @@ cd $GOPATH/src/github.com/Dliv3/Venom

## TODO

- 与regeorg联动
- 多个admin节点同时对网络进行管理
- 节点间通信流量加密
- socks5对udp的支持
- 与meterpreter联动 (待定)
- RESTful API
- [ ] 与regeorg联动
- [ ] 多个admin节点同时对网络进行管理
- [x] 节点间通信流量加密
- [ ] socks5对udp的支持
- [ ] 与meterpreter联动 (待定)
- [ ] RESTful API

## 致谢
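Review bot: the rewritten TODO list here ends with `与meterpreter联动 (待定)` followed by `RESTful API`, while the README-en.md list ends with `RESTful API` followed by `combined with meterpreter (to be discussed)`. Every line of both lists is already being rewritten as a task-list item in this commit, so put the two files in the same order to keep the translations easy to compare line by line.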

