diff --git a/debian/changelog b/debian/changelog new file mode 100644 index 0000000..93a988b --- /dev/null +++ b/debian/changelog @@ -0,0 +1,5 @@ +dnscat2 (0.07-0kali1) kali-dev; urgency=medium + + * Initial release (see 6668) + + -- Sophie Brun Tue, 25 Aug 2020 11:27:16 +0200 diff --git a/debian/control b/debian/control new file mode 100644 index 0000000..8c69937 --- /dev/null +++ b/debian/control @@ -0,0 +1,47 @@ +Source: dnscat2 +Section: net +Priority: optional +Maintainer: Kali Developers +Uploaders: Sophie Brun +Build-Depends: debhelper-compat (= 13) +Standards-Version: 4.5.0 +Homepage: https://github.com/iagox86/dnscat2 +Vcs-Browser: https://gitlab.com/kalilinux/packages/dnscat2 +Vcs-Git: https://gitlab.com/kalilinux/packages/dnscat2.git +Rules-Requires-Root: no + +Package: dnscat2 +Architecture: all +Section: metapackages +Depends: ${misc:Depends}, dnscat2-client, dnscat2-server +Description: DNS tunnel (metapackage) + This tool is designed to create an encrypted command-and-control (C&C) channel + over the DNS protocol, which is an effective tunnel out of almost every + network. + +Package: dnscat2-client +Architecture: any +Depends: ${misc:Depends}, ${shlibs:Depends} +Suggests: dnscat2-server +Description: DNS tunnel, the client part + This tool is designed to create an encrypted command-and-control (C&C) channel + over the DNS protocol, which is an effective tunnel out of almost every + network. + . + The client is designed to be run on a compromised machine. + +Package: dnscat2-server +Architecture: all +Depends: ${misc:Depends}, + ruby | ruby-interpreter, + ruby-trollop, + ruby-salsa20, + ruby-ecdsa, + ruby-sha3 +Suggests: dnscat2-client +Description: DNS tunnel, the server part + This tool is designed to create an encrypted command-and-control (C&C) channel + over the DNS protocol, which is an effective tunnel out of almost every + network. + . + The server is designed to be run on an authoritative DNS server. diff --git a/debian/copyright b/debian/copyright new file mode 100644 index 0000000..39e7820 --- /dev/null +++ b/debian/copyright @@ -0,0 +1,136 @@ +Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ +Upstream-Name: dnscat2 +Source: https://github.com/iagox86/dnscat2 + +Files: * +Copyright: 2013-2015, Ron Bowes All rights reserved +License: BSD-3-clause + +Files: client/libs/my_getopt.* +Copyright: 1997, 2000-2002, 2006 Benjamin Sittler +License: Expat + Permission is hereby granted, free of charge, to any person + obtaining a copy of this software and associated documentation + files (the "Software"), to deal in the Software without + restriction, including without limitation the rights to use, copy, + modify, merge, publish, distribute, sublicense, and/or sell copies + of the Software, and to permit persons to whom the Software is + furnished to do so, subject to the following conditions: + . + The above copyright notice and this permission notice shall be + included in all copies or substantial portions of the Software. + . + THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT + HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, + WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, + OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER + DEALINGS IN THE SOFTWARE. + +Files: client/libs/pstdint.h +Copyright: 2005-2007 Paul Hsieh +License: BSD-3-clause + +Files: client/libs/crypto/salsa20.c +Copyright: None +License: Public-Domain + License; from https://github.com/alexwebr/salsa20/blob/master/LICENSE.txt + The person or persons who have associated work with this document (the + "Dedicator" or "Certifier") hereby either (a) certifies that, to the best of + his knowledge, the work of authorship identified is in the public domain of + the country from which the work is published, or (b) hereby dedicates + whatever copyright the dedicators holds in the work of authorship identified + below (the "Work") to the public domain. A certifier, moreover, dedicates + any copyright interest he may have in the associated work, and for these + purposes, is described as a "dedicator" below. + . + A certifier has taken reasonable steps to verify the copyright status of + this work. Certifier recognizes that his good faith efforts may not shield + him from liability if in fact the work certified is not in the public + domain. + . + Dedicator makes this dedication for the benefit of the public at large and + to the detriment of the Dedicator's heirs and successors. Dedicator intends + this dedication to be an overt act of relinquishment in perpetuity of all + present and future rights under copyright law, whether vested or contingent, + in the Work. Dedicator understands that such relinquishment of all rights + includes the relinquishment of all rights to enforce (by lawsuit or + otherwise) those copyrights in the Work. + . + Dedicator recognizes that, once placed in the public domain, the Work may be + freely reproduced, distributed, transmitted, used, modified, built upon, or + otherwise exploited by anyone for any purpose, commercial or non-commercial, + and in any way, including by methods that have not yet been invented or + conceived. + +Files: client/libs/crypto/sha3.c +Copyright: 2013 Aleksey Kravchenko +License: Other + Permission is hereby granted, free of charge, to any person obtaining a + copy of this software and associated documentation files (the "Software"), + to deal in the Software without restriction, including without limitation + the rights to use, copy, modify, merge, publish, distribute, sublicense, + and/or sell copies of the Software, and to permit persons to whom the + Software is furnished to do so. + . + This program is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + or FITNESS FOR A PARTICULAR PURPOSE. Use this program at your own risk! + +Files: client/libs/crypto/micro-ecc/* +Copyright: 2014-2015, Kenneth MacKay +License: BSD-2-clause + All rights reserved. + . + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are + met: + * Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + * Redistributions in binary form must reproduce the above copyright notice, + this list of conditions and the following disclaimer in the documentation + and/or other materials provided with the distribution. + . + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS + IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, + THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR + CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, + EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, + PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR + PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF + LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING + NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS + SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +Files: debian/* +Copyright: 2020 Sophie Brun +License: BSD-3-clause + +License: BSD-3-clause + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are + met: + . + * Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + * Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + * Neither the name of the organization nor the names of its contributors + may be used to endorse or promote products derived from this software + without specific prior written permission. + . + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS + IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, + THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR + CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, + EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, + PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR + PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF + LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING + NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS + SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. diff --git a/debian/dnscat2-client.install b/debian/dnscat2-client.install new file mode 100644 index 0000000..fa5475c --- /dev/null +++ b/debian/dnscat2-client.install @@ -0,0 +1 @@ +client/dnscat usr/bin diff --git a/debian/dnscat2-server.docs b/debian/dnscat2-server.docs new file mode 100644 index 0000000..30d29de --- /dev/null +++ b/debian/dnscat2-server.docs @@ -0,0 +1 @@ +doc/* diff --git a/debian/dnscat2-server.install b/debian/dnscat2-server.install new file mode 100644 index 0000000..740007d --- /dev/null +++ b/debian/dnscat2-server.install @@ -0,0 +1,6 @@ +server/*.rb usr/share/dnscat2 +server/controller usr/share/dnscat2 +server/drivers usr/share/dnscat2 +server/libs usr/share/dnscat2 +server/tunnel_drivers usr/share/dnscat2 +debian/helper-script/* usr/bin diff --git a/debian/helper-script/dnscat2-server b/debian/helper-script/dnscat2-server new file mode 100644 index 0000000..c6ad2ff --- /dev/null +++ b/debian/helper-script/dnscat2-server @@ -0,0 +1,5 @@ +#!/bin/sh + +set -e + +sudo ruby /usr/share/dnscat2/dnscat2.rb "$@" diff --git a/debian/patches/Add-missing-flags.patch b/debian/patches/Add-missing-flags.patch new file mode 100644 index 0000000..b0dfb8a --- /dev/null +++ b/debian/patches/Add-missing-flags.patch @@ -0,0 +1,21 @@ +From: Sophie Brun +Date: Tue, 25 Aug 2020 18:42:25 +0200 +Subject: Add missing flags + +--- + client/Makefile | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/client/Makefile b/client/Makefile +index 20913ef..2d56e6d 100644 +--- a/client/Makefile ++++ b/client/Makefile +@@ -66,7 +66,7 @@ clean: + -rm -rf win32/*.vcproj.* + + dnscat: ${DNSCAT_DNS_OBJS} +- ${CC} ${CFLAGS} -o dnscat ${DNSCAT_DNS_OBJS} ++ ${CC} ${CFLAGS} ${LDFLAGS} -o dnscat ${DNSCAT_DNS_OBJS} + @echo "*** dnscat successfully compiled" + + COMMANDS=drivers/command/commands_standard.h \ diff --git a/debian/patches/Fix-spelling-error.patch b/debian/patches/Fix-spelling-error.patch new file mode 100644 index 0000000..29e9b58 --- /dev/null +++ b/debian/patches/Fix-spelling-error.patch @@ -0,0 +1,21 @@ +From: Sophie Brun +Date: Tue, 25 Aug 2020 18:05:35 +0200 +Subject: Fix spelling error + +--- + client/controller/session.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/client/controller/session.c b/client/controller/session.c +index a10b891..749a259 100644 +--- a/client/controller/session.c ++++ b/client/controller/session.c +@@ -332,7 +332,7 @@ static NBBOOL _handle_enc_before_auth(session_t *session, packet_t *packet) + /* Check their authenticator. */ + if(memcmp(packet->body.enc.authenticator, session->encryptor->their_authenticator, 32)) + { +- LOG_FATAL("Their authenticator was wrong! That likely means something weird is happening on the newtork..."); ++ LOG_FATAL("Their authenticator was wrong! That likely means something weird is happening on the network..."); + exit(1); + } + diff --git a/debian/patches/keep-upstream-CFLAGS.patch b/debian/patches/keep-upstream-CFLAGS.patch new file mode 100644 index 0000000..62fe341 --- /dev/null +++ b/debian/patches/keep-upstream-CFLAGS.patch @@ -0,0 +1,25 @@ +From: Sophie Brun +Date: Tue, 25 Aug 2020 15:31:23 +0200 +Subject: Keep the upstream CFLAGS + +Last-Update: 2020-08-25 + + +We need to have at least the FLAGS --std=c89 -I. for the build. +--- + client/Makefile | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/client/Makefile b/client/Makefile +index 297bc92..20913ef 100644 +--- a/client/Makefile ++++ b/client/Makefile +@@ -9,7 +9,7 @@ + CC?=gcc + DEBUG_CFLAGS?=-DTESTMEMORY -Werror -O0 + RELEASE_CFLAGS?=-Os +-CFLAGS?=--std=c89 -I. -Wall -D_DEFAULT_SOURCE -fstack-protector-all -Wformat -Wformat-security -g ++CFLAGS+=--std=c89 -I. -Wall -D_DEFAULT_SOURCE -fstack-protector-all -Wformat -Wformat-security -g + LIBS=-pie -Wl,-z,relro,-z,now + + OBJS=controller/packet.o \ diff --git a/debian/patches/series b/debian/patches/series new file mode 100644 index 0000000..f948529 --- /dev/null +++ b/debian/patches/series @@ -0,0 +1,3 @@ +keep-upstream-CFLAGS.patch +Fix-spelling-error.patch +Add-missing-flags.patch diff --git a/debian/rules b/debian/rules new file mode 100755 index 0000000..8516c46 --- /dev/null +++ b/debian/rules @@ -0,0 +1,13 @@ +#!/usr/bin/make -f +# output every command that modifies files on the build system. +#export DH_VERBOSE = 1 + +# see FEATURE AREAS in dpkg-buildflags(1) +export DEB_BUILD_MAINT_OPTIONS = hardening=+all + +%: + dh $@ + +override_dh_fixperms-indep: + dh_fixperms + chmod 644 debian/dnscat2-server/usr/share/dnscat2/dnscat2.rb diff --git a/debian/source/format b/debian/source/format new file mode 100644 index 0000000..163aaf8 --- /dev/null +++ b/debian/source/format @@ -0,0 +1 @@ +3.0 (quilt) diff --git a/debian/watch b/debian/watch new file mode 100644 index 0000000..72396d5 --- /dev/null +++ b/debian/watch @@ -0,0 +1,4 @@ +version=4 +opts="filenamemangle=s%(?:.*?)?v?(\d[\d.]*)\.tar\.gz%dnscat2-$1.tar.gz%" \ + https://github.com/iagox86/dnscat2/tags \ + (?:.*?/)?v?(\d[\d.]*)\.tar\.gz debian uupdate