Imperialshags Handshake.drawio
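<mxfile host="app.diagrams.net" modified="2021-02-28T20:47:53.766Z" agent="5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.150 Safari/537.36 OPR/74.0.3911.107" etag="cou3FkKNfu4OcNXxx59N" version="14.2.2" type="github">
  <!--
    draw.io diagram of a three-step handshake between a command-and-control
    server (left column) and an agent on an infected computer (right column):
      1. agent to server: TCP socket connection
      2. agent to server: AES-256 key and nonce, encrypted under an RSA public
         key that is hard-coded in the agent
      3. server to agent: the string "ACK", encrypted with that AES key and nonce
    Reading notes for analysts: the diagram documents key transport only. The
    server is identified implicitly (only it can decrypt step 2); no step
    identifies the agent, and the AES mode, RSA key size and RSA padding are
    not stated anywhere in the diagram.
  -->
  <diagram id="RbCMsgIsgRVsEcsGoZlV" name="Page-1">
    <mxGraphModel dx="2232" dy="764" grid="0" gridSize="10" guides="1" tooltips="1" connect="1" arrows="1" fold="1" page="1" pageScale="1" pageWidth="850" pageHeight="1100" math="0" shadow="0">
      <root>
        <!-- Root cell and default layer; every other cell hangs off layer "1". -->
        <mxCell id="0" />
        <mxCell id="1" parent="0" />

        <!-- Host icons, one pair per handshake step: mainframe icons at x=205.5 sit under the server heading, physical-host icons at x=670 under the agent heading. -->
        <mxCell id="03PHYGCBmPhE4L3k556q-2" value="" style="pointerEvents=1;shadow=0;dashed=0;html=1;strokeColor=none;fillColor=#505050;labelPosition=center;verticalLabelPosition=bottom;verticalAlign=top;outlineConnect=0;align=center;shape=mxgraph.office.servers.mainframe_host;" parent="1" vertex="1">
          <mxGeometry x="205.5" y="285" width="54" height="57" as="geometry" />
        </mxCell>
        <mxCell id="03PHYGCBmPhE4L3k556q-3" value="" style="pointerEvents=1;shadow=0;dashed=0;html=1;strokeColor=none;labelPosition=center;verticalLabelPosition=bottom;verticalAlign=top;outlineConnect=0;align=center;shape=mxgraph.office.servers.physical_host;fillColor=#2072B8;" parent="1" vertex="1">
          <mxGeometry x="670" y="290" width="27" height="52" as="geometry" />
        </mxCell>
        <mxCell id="03PHYGCBmPhE4L3k556q-4" value="" style="pointerEvents=1;shadow=0;dashed=0;html=1;strokeColor=none;fillColor=#505050;labelPosition=center;verticalLabelPosition=bottom;verticalAlign=top;outlineConnect=0;align=center;shape=mxgraph.office.servers.mainframe_host;" parent="1" vertex="1">
          <mxGeometry x="205.5" y="370" width="54" height="57" as="geometry" />
        </mxCell>
        <mxCell id="03PHYGCBmPhE4L3k556q-5" value="" style="pointerEvents=1;shadow=0;dashed=0;html=1;strokeColor=none;fillColor=#505050;labelPosition=center;verticalLabelPosition=bottom;verticalAlign=top;outlineConnect=0;align=center;shape=mxgraph.office.servers.mainframe_host;" parent="1" vertex="1">
          <mxGeometry x="205.5" y="455" width="54" height="57" as="geometry" />
        </mxCell>
        <mxCell id="03PHYGCBmPhE4L3k556q-6" value="" style="pointerEvents=1;shadow=0;dashed=0;html=1;strokeColor=none;labelPosition=center;verticalLabelPosition=bottom;verticalAlign=top;outlineConnect=0;align=center;shape=mxgraph.office.servers.physical_host;fillColor=#2072B8;" parent="1" vertex="1">
          <mxGeometry x="670" y="375" width="27" height="52" as="geometry" />
        </mxCell>
        <mxCell id="03PHYGCBmPhE4L3k556q-7" value="" style="pointerEvents=1;shadow=0;dashed=0;html=1;strokeColor=none;labelPosition=center;verticalLabelPosition=bottom;verticalAlign=top;outlineConnect=0;align=center;shape=mxgraph.office.servers.physical_host;fillColor=#2072B8;" parent="1" vertex="1">
          <mxGeometry x="670" y="460" width="27" height="52" as="geometry" />
        </mxCell>

        <!-- Step 1. The arrow runs from the agent side (x=660) to the server side (x=280): the agent opens the connection, so the flow is outbound from the infected host. -->
        <mxCell id="03PHYGCBmPhE4L3k556q-8" value="" style="endArrow=classic;html=1;fontStyle=1" parent="1" edge="1">
          <mxGeometry relative="1" as="geometry">
            <mxPoint x="660" y="316" as="sourcePoint" />
            <mxPoint x="280" y="316" as="targetPoint" />
          </mxGeometry>
        </mxCell>
        <mxCell id="03PHYGCBmPhE4L3k556q-9" value="TCP Socket Connection" style="edgeLabel;resizable=0;html=1;align=center;verticalAlign=middle;" parent="03PHYGCBmPhE4L3k556q-8" connectable="0" vertex="1">
          <mxGeometry relative="1" as="geometry" />
        </mxCell>

        <!-- Column headings. -->
        <mxCell id="03PHYGCBmPhE4L3k556q-10" value="Command And Control Server" style="text;html=1;strokeColor=none;fillColor=none;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontStyle=3" parent="1" vertex="1">
          <mxGeometry x="161" y="250" width="143" height="20" as="geometry" />
        </mxCell>
        <mxCell id="03PHYGCBmPhE4L3k556q-11" value="Infected Computer (Agent)" style="text;html=1;strokeColor=none;fillColor=none;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontStyle=3" parent="1" vertex="1">
          <mxGeometry x="607" y="250" width="143" height="20" as="geometry" />
        </mxCell>

        <!--
          Step 2, agent to server. The session key travels under a long-term RSA
          key embedded in the agent. For defenders that has two consequences:
          the public key is a static artifact recoverable from any sample
          (usable in signatures and for linking samples to one operator), and
          the design as drawn has no forward secrecy, so captured handshakes
          become readable to whoever later obtains the matching private key.
        -->
        <mxCell id="03PHYGCBmPhE4L3k556q-12" value="" style="endArrow=classic;html=1;fontStyle=1" parent="1" edge="1">
          <mxGeometry relative="1" as="geometry">
            <mxPoint x="660" y="398" as="sourcePoint" />
            <mxPoint x="280" y="398" as="targetPoint" />
          </mxGeometry>
        </mxCell>
        <mxCell id="03PHYGCBmPhE4L3k556q-13" value="AES 256 Key &amp;amp; Nonce encrypted with &lt;b&gt;hardcoded&lt;/b&gt; public RSA key" style="edgeLabel;resizable=0;html=1;align=center;verticalAlign=middle;" parent="03PHYGCBmPhE4L3k556q-12" connectable="0" vertex="1">
          <mxGeometry relative="1" as="geometry" />
        </mxCell>

        <!--
          Step 3, server to agent (arrow from x=280 to x=650). The reply is a
          fixed string, so under a fixed cipher configuration its ciphertext
          length is presumably constant; together with step 2 this gives the
          handshake a stable size-and-direction sequence on the wire.
        -->
        <mxCell id="03PHYGCBmPhE4L3k556q-14" value="" style="endArrow=classic;html=1;" parent="1" edge="1">
          <mxGeometry relative="1" as="geometry">
            <mxPoint x="280" y="483" as="sourcePoint" />
            <mxPoint x="650" y="483" as="targetPoint" />
          </mxGeometry>
        </mxCell>
        <mxCell id="03PHYGCBmPhE4L3k556q-15" value="ACK Encrypted with the agent's AES 256 Key &amp;amp; Nonce" style="edgeLabel;resizable=0;html=1;align=center;verticalAlign=middle;" parent="03PHYGCBmPhE4L3k556q-14" connectable="0" vertex="1">
          <mxGeometry relative="1" as="geometry" />
        </mxCell>

        <!-- Diagram title. -->
        <mxCell id="03PHYGCBmPhE4L3k556q-16" value="&lt;b&gt;&lt;u&gt;&lt;font style=&quot;font-size: 20px&quot;&gt;Imperialshag's Handshake visualized&lt;/font&gt;&lt;/u&gt;&lt;/b&gt;" style="text;html=1;strokeColor=none;fillColor=none;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;" parent="1" vertex="1">
          <mxGeometry x="320" y="210" width="260" height="20" as="geometry" />
        </mxCell>

        <!-- Agent-side annotation for step 2 (placed to the right of the agent icon). -->
        <mxCell id="03PHYGCBmPhE4L3k556q-17" value="&lt;b style=&quot;font-size: 10px;&quot;&gt;Agent uses a crypto library such as libsodium in order to generate an AES256 key, then it proceeds to encrypt the key + nonce with the server's RSA key which is hard coded to the agent's code&amp;nbsp;&lt;/b&gt;" style="text;html=1;strokeColor=none;fillColor=none;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=10;" parent="1" vertex="1">
          <mxGeometry x="697" y="370" width="210" height="70" as="geometry" />
        </mxCell>

        <!--
          Server-side annotation for step 2. Its claim that nobody sniffing the
          traffic can know what is going on covers payload content only:
          endpoints, connection direction, timing and message sizes remain
          visible to network monitoring regardless of the encryption.
        -->
        <mxCell id="03PHYGCBmPhE4L3k556q-18" value="&lt;b style=&quot;font-size: 10px&quot;&gt;The Command and Control server should decrypt the message using it's private RSA key which is used to decrypt messages, right now we have the agent's encryption key so we can communicate with it securely with no way of anyone sniffing our traffic and actually knowing what's going on :) REKT.&lt;/b&gt;" style="text;html=1;strokeColor=none;fillColor=none;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=10;" parent="1" vertex="1">
          <mxGeometry x="-80" y="352" width="270" height="103" as="geometry" />
        </mxCell>

        <!-- Caption under step 3: the ACK marks the end of the handshake and the switch to the operational state. -->
        <mxCell id="03PHYGCBmPhE4L3k556q-20" value="Server proceeds to send a string equals to &quot;ACK&quot; which is a sign of handshake acknowledgement. we may change to operational state now." style="text;html=1;strokeColor=none;fillColor=none;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=12;fontStyle=1" parent="1" vertex="1">
          <mxGeometry x="270" y="512" width="390" height="20" as="geometry" />
        </mxCell>
      </root>
    </mxGraphModel>
  </diagram>
</mxfile>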