GhostTunnel is a covert backend transmission system which may be utilised within an isolated environment. It may attack the goal through the HID device simply to launch the payload (representative ), then the HID device can be eliminated following the payload is discharged.
It also communicates by copying information in beacon and research asks. We print the GhostTunnel windows and server broker employed in c/c++. The broker does not require elevated privileges, it uses the machine wifi api to ship the probe request and get the beacon. Like on windows, utilizes the Native American WiFi API. That means that you may apply the corresponding broker on different platforms. The machine runs on linux, you want a couple of usb wifi card which supports monitor mode and packet shot to conduct it.
- No interference with the goal’s existing connection communications and status.
- Can skip firewalls.
- May be used to assault rigorously isolated networks.
- Communication station doesn’t depend on the target’s present network link.
- May be used to assaulting some device with the wireless communication module, we analyzed this assault on Window 7 around Windows 10 and OSX.
- Server Just needs a couple of wireless network cards which supports packet detection and track style, such as TP-LINK TL-WN722N, Alfa AWUS036ACH. Utilization:
. /ghosttunnel [port ] . / / ghosttunnel [interface1] [interface2] COMMANDS: sessions = listing all customers utilize = pick a customer to function, utilize [clientID] exit = exit present operation wget = obtain a document from a customer, wget [filepath] stop = stop ghost tube assistance = show this use assistance
- Client Release that the payload into the target system (just windows customer printed ) and implement it.
- Download file The file maximum size limitation is 10M and may only download 1 file at one time.
- You’ll be able to add other purposes as needed.