redsiege / egress-assess Goto Github PK
View Code? Open in Web Editor NEWEgress-Assess is a tool used to test egress data detection capabilities
License: GNU General Public License v3.0
Egress-Assess is a tool used to test egress data detection capabilities
License: GNU General Public License v3.0
I'm pretty confident this was a debugging statement for you at some point that made it into master:
https://github.com/FortyNorthSecurity/Egress-Assess/blob/master/EgressAssess.ps1#L357
Generate-CreditCards drops a file named CCData.txt
The following command...
date; IEX (New-Object Net.Webclient).DownloadString('https://raw.githubusercontent.com/ChrisTruncer/Egress-Assess/master/Invoke-EgressAssess.ps1โ); Invoke-EgressAssess -client http -IP x.x.x.x -ResolveDNS -Proxy -Datatype identity -Size 5 -Loops 1 -Verbose; date;
Returns the following results...
Thursday, October 08, 2015 11:38:35 AM
VERBOSE: [] Testing server connection
VERBOSE: [] Server is UP on secure.malofsky-schwartz.com.
VERBOSE: [*] HTTP Server Running on secure.malofsky-schwartz.com port 80.
VERBOSE: Uploading data...
VERBOSE: [] Transfer complete!
VERBOSE: [] 0 loops remaining..
VERBOSE: Uploading data..
VERBOSE: [] Transaction Complete.
VERBOSE: [] Exiting..
Thursday, October 08, 2015 11:38:38 AM
It would be a great feature to have to generate the fake data so that we could use it to zip up and upload to something like google drive, mega.nz, etc. As well as using native SSH clients (SCP) and FTP clients.
Invoke-EgressAssess -client none -Datatype cc -Size 50 -Outfile cc.txt
It'd be nice if you could specify the port to send data on in the Powershell version. You can set the server port number for the listener server-side, but not the client-side. For example, I can't test FTP data over port 1234 because the powershell client doesnt accept an alternate port.
I am a Chinese security researcher, very happy to use Egress-assessment, I would like to add gh0st Trojan simulation traffic, how to simulate the implementation?
Powershell is dead, a c# version would be amazing
When running the following command...
Invoke-EgressAssess -client http -IP X.X.X.X -ResolveDNS -Proxy -Datatype ssn -Size 5 -Loops 1 -Report c:\temp\report.txt -Verbose
I get this error...
VERBOSE: Report File = c:\temp\report.txt
Unable to find type [ordered]: make sure that the assembly containing this type is loaded.
At line:1019 char:34
$EAreport = [ordered] <<<< @{
VERBOSE: [] Testing server connection
VERBOSE: [] Server is UP on .
VERBOSE: [] FTP Server Running on port 21.
VERBOSE: [] Generating 50 MB of Credit Cards (1500000)...
[+] received output:
VERBOSE: [*] Uploading data..
[+] received output:
VERBOSE: [] Error, tranfer failed with error:
VERBOSE: Exception calling "UploadString" with "2" argument(s): "The remote server returned an error: 227 Entering passive mode (,234,183).
."
VERBOSE: [] Exiting..
Tried with ufw fw rules in place and also opening up the server to allow any connection to and from FTP. Still the same error comes up.
Please add RAR file as a data type for exfil
Server
./Egress-Assess.py --server smb
Client
./Egress-Assess.py --client smb --file /root/secrets.txt --ip 10.0.0.10
##############################################################
smbclient \\10.0.0.10\DATA -N -c "put secrets.txt"
WARNING: The "syslog" option is deprecated
secrets.txt does not exist
[+] File Transmitted!
##############################################################
Notice that the file paths to secrets.txt are different.
Same thing works fine with https.
I am facing the timeout error on Exfiltration using HTTPS.
On Server:
p@kali:~/Egress-Assess$ sudo ./Egress-Assess.py --server https
On Client :
PS C:\Users\Egress-Assess-master> Invoke-EgressAssess -client https -datatype cc -Verbose -ip 9.73.2.1
VERBOSE: [] Testing server connection
VERBOSE: [] Server is UP on 9.73.2.1.
VERBOSE: [*] Error, tranfer failed with error:
VERBOSE: Exception calling "Connect" with "2" argument(s): "A connection attempt failed because the connected party did not properly respond after a period of
time, or established connection failed because connected host has failed to respond 9.73.2.1:443"
PS C:\Users\Egress-Assess-master>
But when I browse 9.73.2.1:443 using browser, i can see the request. Any help.
This is less of an issue and more like a comment on how to fix it, you mention to generate a server.pem "on the same level as Egress-Assess" but in the https web server code you specify the following certificate path
cert_path = helpers.ea_path() +\ '/protocols/servers/serverlibs/web/server.pem'
This results in the code not being able to find the certificate unless it is located here -> {EGRESS-PATH}/protocols/servers/serverlibs/web/server.pem.
You can easily fix that and even integrate the ssl certificate creation with the code itself.
DNS client is sending malformed data when using the powershell client of Egress-Assess.
It would be cool to keep a running log somewhere on disk of the transfers that were done. The source IP, protocol, data size, type, etc. That way the user can reference it after the terminal has been closed.
[+] received output:
VERBOSE: [] Testing server connection
VERBOSE: [] Server is UP on .
VERBOSE: [] You did not provide a data type to generate.
VERBOSE: [] DNS file transfers currently not supported.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.