omniserver

Release 1.1.0

Module for network testing and prototyping

Homepage PyPI Python

Keywords
malware, analysis, networking
License
Apache-2.0
Install
pip install omniserver==1.1.0

Documentation

Omniserver

PyPI

Connections for all occasions

Omniserver is a Python module designed for quickly prototyping controllers/intercepting malicious network communications, and replicating various types of backdoor traffic. It is capable of quickly starting up highly customizable client and server objects, the goal being to provide maximum flexibility with the smallest amount of boilerplate code possible.

Basic Usage

See documentation

The omniserver module can be used to initiate and control client and server objects. Current varieties include TCP, UDP, HTTP, and DNS.

Clients

Client objects can be used to establish connections with remote servers. Using the with keyword will automatically call connect() and close() methods on the socket.

import omniserver as omni

with omni.tcp_client(("192.168.1.40", 7896)) as client: 
	client.send("Akon")
	client.recv()
	client.send("All on the floor")
	
client = omni.tcp_client(("192.168.1.40", 6547))
if client.beacon(freq=3, tries=5): # Try to connect 5 times, 3 seconds apart, before quiting 
	client.send("whoami")
	client.recv()
	client.send("dir")
	client.recv()
	client.close() # Good practice, but not necessarily required

Servers

Server objects create listening sockets, which await requests from remote clients. They are threaded by default, and can be run all at once or indivdually.

omni.tcp_server(7896)
omni.tcp_server() # Random High Port
omni.udp_server(3214)
omni.http_server(8181) # Works basically the same as http.server
omni.dns_server(default_ip="192.168.1.40") # Will respond to all IPv4 queries with default IP
omni.servers.start_all()

Inheritable Handler Classes

Client and server handler classes can be subclassed for greater control over data handling and the object in general. For example, the TCP and UDP handler's send() and recv() methods are wrapped by the outgoing() and incoming() methods, respectively. See documentation for greater details on base classes and overridable methods.

import dynabyte

class C2Handler(omni.TCPHandler):
    def incoming(self, data): # Decode commands
        decoded = dynabyte.load(data).ADD(0x10).XOR(0x6A) # The encoding scheme, backwards
        return decoded.getdata("string")
        
    def outgoing(self, resp): # Encode response
        encoded = dynabyte.load(resp).XOR(0x6A).SUB(0x10) # XOR/SUB'ing all sent data
        return encoded.getdata("bytes")

class C2Client(omni.TCPClient):
    def incoming(self, data): # incoming() and outgoing() are called within recv() and send(), respectively
        decoded = dynabyte.load(data).ADD(0x10).XOR(0x6A) # The encoding scheme, backwards
        return decoded.getdata("string")

    def outgoing(self, resp): # Called whenever send() is
        encoded = dynabyte.load(resp).XOR(0x6A).SUB(0x10) # XOR/SUB'ing all sent data
        return encoded.getdata("bytes")
		
# Start server
omni.tcp_server(7896, Handler=C2Handler).start()

with omni.tcp_client(("10.10.10.100", 7896), Handler=C2Client) as client:
	client.send("Encoded message")
	client.recv()

Request handler classes operate basically the same way as their socketserver counterparts, handle(), setup(), finish() etc. can be overriden as you see fit.

TLS/SSL

TCP-based servers and clients are TLS/SSL compatible. Omniserver provides functions for generating SSL certs, but they are currently only available when used on Linux.

cert, key = omni.create_cert_key(CN="booberry.edu") # Returns absolute path to CA cert and private key
omni.tcp_server(6547, tls=True, certfile=cert, keyfile=key).start().wait()

On the client side, you'll need the CA of the server you plan to connect to, or cert checking can simply be disabled.

# No cert required
with omni.tcp_client(("10.10.10.50", 6547), tls=True, cert_required=False) as client:
    client.send("Secret TLS message (didn't check the cert)")
    client.recv()
	
# Cert required
client = omni.tcp_client(("10.10.10.50", 6547), tls=True, hostname="booberry.edu", ca_cert="./cert.crt")
if client.connect():
    client.send("Secret TLS message")
    client.recv()
    client.close()

Installation

Install from PyPI

pip install omniserver

Known Issues & TODO

  • Currently cannot easily create SSL certificates on Windows
    • Generating the cert/key with OpenSSL on Linux and moving them over works, if you truly need the TLS/SSL server on Windows
  • Add function for signing certificates with CA
  • HTTP server and client arn't very fleshed out, it's kinda just easier to use requests
    • HTTP/HTTPS clients and servers don't currently support sessions
  • DNS over TCP is in there, but I haven't tested it extensively
  • May re-impliment CLI tool
  • Fix/complete documentation (I rushed it)
  • Fix overriding setup()

Stats

Dependencies
1
Dependent packages
0
Dependent repositories
0
Total releases
2
Latest release
First release
Stars
0
Forks
0
Watchers
1
Contributors
1
Repository size
68.4 KB
SourceRank
8

Development practices

Source repo 2FA enabled
TEXT!
Package manager 2FA enabled
TEXT!
Is security responsive
TEXT!
Dependencies are managed
TEXT!
Issue-free release available
TEXT!
Succession plan available
TEXT!
Package manager 2FA enabled
TEXT!

The Tidelift Subscription provides access to a continuously curated stream of human-researched and maintainer-verified data on open source packages and their licenses, releases, vulnerabilities, and development practices.

Learn more

Releases

1.1.0
1.0.0

Contributors

Clarence


See all contributors

Something wrong with this page? Make a suggestion

Export .ABOUT file for this package

Last synced: 2023-02-04 08:48:22 UTC

Login to resync this project