The framework
This project is an open-source, Python-based tunnelling framework that helps you create a tunnel between two (or more) computers over different channels/protocols. Although the name of the project correlates with the word "exfiltrate", the framework is more about tunnelling than exfiltration. The main use case for it is to create a full Internet Protocol (IPv4) based tunnel between the endpoints that can be used as a communication channel to send IP packets back and forth.
The tool is built on the client-server architecture, so at least two computers are needed to set up the environment. The server side can offer different protocols that can be used for tunnelling. The client chooses a protocol that is offered by the server and available on the client network (for example: allowed on the firewall or not restricted by an active network device), and attempts to create a communication channel or tunnel with the server. If the process succeeds, the specified protocol will be used to tunnel data over the network.
There is nothing new about tunnelling: there are, and have been, loads of tools on the Internet that can be used, and exactly this was the issue. Each and every tool was designed to do tunnelling over one specific protocol, and that is it. In every case there were some issues, like:
- No Portability
- No Modularity
- No Automation
- No Support, or the product was End of Life
- No Documentation
- Hard to configure
This project aims to change the landscape of tunnelling, by developing a framework that fixes these issues.
To that end, XFLTReaT works as a framework. It supports multiple protocols (not just one) and unifies the interface for all tunnelling modules. New tunnel modules for protocols can be created with ease.
The framework makes it easier for everybody who wants to do tunnelling, because:
- It is easy to install and configure (a basic understanding is still needed)
- The dependencies are kept low
- Unified tunnelling interface is developed for creating modules
- Uses only one interface for all traffic
- Handles multiple clients
- Modular authentication support (needs some improvements)
- Modular encryption support (will be introduced later)
- Python-based and object-oriented (OOP)
- Check functionality to map out the network (see below)
--server: the default mode. Runs all the enabled modules.
--check: connects to the server over each enabled module, sends a challenge and receives the result, shown as red or green.
--client: only one module MUST be enabled. Creates a tunnel over the enabled protocol.
Under development; see the Development article. Creates a skeleton for modules that is used by the framework. Variants: RDP, SSL, OOB
It is good because it is easier to handle as an admin. Elegant, clever.
XFLTReaT 2017-2020 Balazs Bucsay @xoreipeip