unchained.guru


The Invisible Internet Project (I2P) is a fully encrypted private network layer that has been developed with privacy and security by design in order to provide protection for your activity, location and your identity. The software ships with a router that connects you to the network and applications for sharing, communicating and building.

I2P Cares About Privacy

I2P hides the server from the user and the user from the server. All I2P traffic is internal to the I2P network. Traffic inside I2P does not interact with the Internet directly. It is a layer on top of the Internet. It uses encrypted unidirectional tunnels between you and your peers. No one can see where traffic is coming from, where it is going, or what the contents are. Additionally, I2P offers resistance to pattern recognition and blocking by censors. Because the network relies on peers to route traffic, location blocking is also reduced.

How to Connect to the I2P Network

The Invisible Internet Project provides software to download that connects you to the network. In addition to the network privacy benefits, I2P provides an application layer that allows people to use and create familiar apps for daily use. I2P provides its own unique DNS so that you can self host or mirror content on the network. You can create and own your own platform that you can add to the I2P directory or only invite your friends. The I2P network functions the same way the Internet does. When you download the I2P software, it includes everything you need to connect, share, and create privately.

An Overview of the Network

I2P uses cryptography to achieve a variety of properties for the tunnels it builds and the communications it transports. I2P tunnels use two transports, NTCP2 and SSU, to hide the nature of the traffic being carried over them. Connections are encrypted from router to router, and from client to client (end-to-end). Forward secrecy is provided for all connections. Because I2P is cryptographically addressed, I2P addresses are self-authenticating and only belong to the user who generated them.
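What "self-authenticating" means in practice, as an added example that is not part of the original page or of I2P's code: a standard 52-character .b32.i2p name is the Base32 encoding of the SHA-256 hash of the binary Destination, so a client can check that the Destination it was handed really belongs to the address it asked for. The function names and the sample Destination are constructed for this example.

```python
import base64
import hashlib

I2P_B64_ALTCHARS = b"-~"   # I2P's Base64 alphabet uses '-' and '~' in place of '+' and '/'
MIN_DESTINATION_LEN = 387  # 256-byte public key + 128-byte signing key + 3-byte certificate


def b32_address(destination_b64: str) -> str:
    """Derive the 52-character .b32.i2p hostname from a Base64 Destination."""
    raw = base64.b64decode(destination_b64, altchars=I2P_B64_ALTCHARS, validate=True)
    if len(raw) < MIN_DESTINATION_LEN:
        raise ValueError(f"Destination is {len(raw)} bytes, expected at least {MIN_DESTINATION_LEN}")
    digest = hashlib.sha256(raw).digest()
    label = base64.b32encode(digest).decode("ascii").rstrip("=").lower()
    return label + ".b32.i2p"


def destination_matches(address: str, destination_b64: str) -> bool:
    """True only if the Destination handed to us hashes to the address we asked for."""
    try:
        return address.strip().lower() == b32_address(destination_b64)
    except ValueError:  # malformed Base64 or truncated Destination
        return False


# Constructed sample: 384 bytes of filler key material plus a 3-byte NULL certificate.
# It has the right shape but is not a real Destination.
_raw = bytes(i % 251 for i in range(384)) + b"\x00\x00\x00"
SAMPLE_DESTINATION = base64.b64encode(_raw, altchars=I2P_B64_ALTCHARS).decode("ascii")

if __name__ == "__main__":
    addr = b32_address(SAMPLE_DESTINATION)
    print(addr)
    print("genuine :", destination_matches(addr, SAMPLE_DESTINATION))
    # Changing a single character of the Destination changes its hash,
    # so a substituted Destination no longer matches the address.
    tampered = "B" + SAMPLE_DESTINATION[1:]
    print("tampered:", destination_matches(addr, tampered))
```

The check covers the standard hashed form only; longer addresses used for encrypted leasesets are encoded differently and are out of scope here.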

I2P is a secure and traffic-protecting Internet-like layer. The network is made up of peers (“routers”) and unidirectional inbound and outbound virtual tunnels. Routers communicate with each other using protocols built on existing transport mechanisms (TCP, UDP, etc.), passing messages. Client applications have their own cryptographic identifier (“Destination”), which enables them to send and receive messages. These clients can connect to any router and authorize the temporary allocation (“lease”) of some tunnels that will be used for sending and receiving messages through the network. I2P has its own internal network database (using a modification of the Kademlia DHT) for distributing routing and contact information securely.
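How Kademlia-style closeness decides which routers hold a netDb entry, as an added sketch that is not I2P's code: it uses the XOR metric together with the daily-rotating routing key described in I2P's netDb documentation, SHA-256 of the 32-byte key followed by the UTC date as yyyyMMdd. Comparing that routing key against plain router hashes, the function names and the sample routers are assumptions of this example.

```python
import hashlib
from datetime import date


def routing_key(search_key: bytes, day: date) -> bytes:
    """SHA-256(search_key || 'yyyyMMdd'): the value used for closeness on a given UTC day."""
    if len(search_key) != 32:
        raise ValueError("netDb search keys are 32-byte SHA-256 hashes")
    return hashlib.sha256(search_key + day.strftime("%Y%m%d").encode("ascii")).digest()


def xor_distance(a: bytes, b: bytes) -> int:
    """Kademlia metric: interpret both hashes as integers and XOR them."""
    return int.from_bytes(a, "big") ^ int.from_bytes(b, "big")


def closest_routers(search_key: bytes, router_hashes, day: date, count: int = 3):
    """Return the `count` router hashes nearest to the day's routing key."""
    rk = routing_key(search_key, day)
    return sorted(router_hashes, key=lambda h: xor_distance(rk, h))[:count]


# Constructed sample data: 40 stand-in router hashes and one stand-in Destination hash.
ROUTERS = [hashlib.sha256(f"constructed-router-{i}".encode()).digest() for i in range(40)]
TARGET = hashlib.sha256(b"constructed-destination").digest()

if __name__ == "__main__":
    # The same entry is looked up under a different routing key each day,
    # so the routers "closest" to it can change from one day to the next.
    for day in (date(2024, 1, 1), date(2024, 1, 2)):
        picked = closest_routers(TARGET, ROUTERS, day)
        print(day.isoformat(), [h.hex()[:8] for h in picked])
```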

About Decentralization and I2P

The I2P network is almost completely decentralized, with the exception of what are called “Reseed Servers,” which are how you first join the network. This is to deal with the DHT (Distributed Hash Table) bootstrap problem. Basically, there's no good and reliable way to avoid running at least one permanent bootstrap node that non-network users can find to get started. Once you're connected to the network, you only discover peers by building “exploratory” tunnels, but to make your initial connection, you need to get a peer set from somewhere. The reseed servers, which you can see listed on http://127.0.0.1:7657/configreseed in the Java I2P router, provide you with those peers. You then connect to them with the I2P router until you find one you can reach and build exploratory tunnels through. Reseed servers can tell that you bootstrapped from them, but nothing else about your traffic on the I2P network.

I see the IP addresses of all other I2P nodes in the router console. Does that mean my IP address is visible to others?

Yes, this is how a fully distributed peer-to-peer network works. Every node participates in routing packets for others, so your IP address must be known to establish connections. While the fact that your computer runs I2P is public, nobody can see your activities in it. You can't say if a user behind this IP address is sharing files, hosting a website, doing research or just running a node to contribute bandwidth to the project.

What I2P Does Not Do

The I2P network does not officially “Exit” traffic. It has outproxies to the Internet run by volunteers, which are centralized services. I2P is primarily a hidden service network and outproxying is not an official function, nor is it advised. The privacy benefits you get from participating in the I2P network come from remaining in the network and not accessing the Internet. I2P recommends that you use Tor Browser or a trusted VPN when you want to browse the Internet privately.



#tor #golang #security


A Cross Platform Remote Administration tool written in Go using Tor as its transport mechanism currently supporting Windows, Linux, MacOS clients.

DISCLAIMER

USE FOR EDUCATIONAL OR INTERNAL TESTING PURPOSES ONLY


How to use ToRat Docker Image

TL;DR

    git clone https://github.com/lu4p/ToRat.git
    cd ./ToRat
    sudo docker build . -t torat
    sudo docker run -it -v "$(pwd)"/dist:/dist_ext torat

Prerequisites

  1. Install Docker on Linux

Install

  1. Clone this repo via git

    git clone https://github.com/lu4p/ToRat.git
    
  2. Change Directory to ToRat

    cd ./ToRat
    
  3. Build the ToRat Docker Container

    • You need to build a part of the container yourself to get your own onion address and certificate. All prerequisites are met by the prebuilt torat-pre image in order to make quick build times possible.

    sudo docker build . -t torat

  4. Run the container

    • will drop directly into the ToRat Server shell
    • the -v flag copies the compiled binaries to the host file system
    • to connect a machine to the server shell just run one of the client binaries on another system

    sudo docker run -it -v "$(pwd)"/dist:/dist_ext torat
    
  5. In another shell run the client.

    sudo chown $USER dist/ -R
    cd dist/dist/client/
    ./client_linux
    
  6. See the client connect

In your Server shell you should now see something like [+] New Client H9H2FHFuvUs9Jz8U connected! You can now select this client by running select in the Server Shell which will give you a nice interactive chooser for the client you want to connect to. After you choose a client you drop in an interactive shell on the client system.

Notes

Contents of ToRat/dist after docker run

    $ find ./dist
    ./dist/
    ./dist/dist
    ./dist/dist/client
    ./dist/dist/client/client_linux          # linux client binary
    ./dist/dist/client/client_windows.exe    # windows client binary
    ./dist/dist/server
    ./dist/dist/server/key.pem               # tls private-key
    ./dist/dist/server/banner.txt            # banner
    ./dist/dist/server/cert.pem              # tls cert
    ./dist/dist/server/ToRat_server          # linux server binary

Client Commands

Command     Info
cd          change the working directory of the client
ls          list the content of the working directory of the client
shred       delete files/directories unrecoverably
screen      take a screenshot of the client
cat         view text files from the client including .docx, .rtf, .pdf, .odt
alias       give the client a custom alias
down        download a file from the client
up          upload a file to the client
speedtest   speedtest a client's internet connection
hardware    collects a variety of hardware specs from the client
netscan     scans a client's entire network for online devices and open ports
gomap       scan a local IP on a client's network for open ports and services
escape      escape a command and run it in a native shell on the client
reconnect   tell the client to reconnect
help        lists possible commands with usage info
exit        background current session and return to main shell

Server Commands

Command     Info
select      select client to interact with
list        list all connected clients
alias       select client to give an alias
cd          change the working directory of the server
help        lists possible commands with usage info
exit        exit the server

Current Features

Architecture

  • RPC (Remote Procedure Call) based communication for easy addition of new functionality
  • Automatic UPX packing leads to client binaries of ~6MB with embedded Tor
  • sqlite via gorm for storing information about the clients
  • client is obfuscated via garble

Server Shell

  • Cross Platform reverse shell (Windows, Linux, Mac OS)
  • Supports multiple connections
  • Welcome Banner
  • Colored Output
  • Tab-Completion of:

    • Commands
    • Files/ Directories in the working directory of the server
  • Unique persistent ID for every client

    • give a client an Alias
    • all Downloads from client get saved to ./$ID/$filename

Persistence

  • Windows:

    • [ ] Multiple User Account Control Bypasses (Privilege escalation)
    • [ ] Multiple Persistence methods (User, Admin)
  • Linux:

    • [ ] Multiple Persistence methods (User, Admin)

Tor

  • Fully embedded Tor within go

  • the ToRat client communicates over TLS-encrypted RPC proxied through Tor with the ToRat server (hidden service)

    • [x] anonymity of client and server
    • [x] end-to-end encryption
  • optional transport without Tor e.g. Use Tor2Web, a DNS Hostname or public/ local IP

    • [x] smaller binary ~3MB upx'ed
    • [ ] anonymity of client and server

Upcoming Features

Contribution

All contributions are welcome; you don't need to be an expert in Go to contribute.

You may want to join the #torat channel over at the Gophers Slack

Credits