Skip to content
/ x509 Public

Proof of concept framework for transferring a file over x509 extension covert channel

License

MIT license
0 stars 21 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

ProbieK/x509

1 Branch0 Tags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

author
Jason Reaves
Initial release
Feb 5, 2018
ec1dae7 · Feb 5, 2018

History

1 Commit
helper
helper
Feb 5, 2018
client.go
client.go
Feb 5, 2018
license.txt
license.txt
Feb 5, 2018
mimikatz_sent.pcap
mimikatz_sent.pcap
Feb 5, 2018
readme.md
readme.md
Feb 5, 2018
server.go
server.go
Feb 5, 2018

Repository files navigation

MalCert proof of concept to accompany blog post

This is a POC demonstrating a covert channel over x509 extensions framework written in GO, for the server and pcap this demonstration shows sending mimikatz over this covert channel to a client. The filename was hardcoded "mimikatz.bin". The PCAP is from a run using local loopback.

Blog: https://www.fidelissecurity.com/threatgeek/2018/02/exposing-x509-vulnerabilities Paper: vixra.org/abs/1801.0016

About

Proof of concept framework for transferring a file over x509 extension covert channel

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

1 watching

Forks

21 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages