
Pivotr - a remote command execution and pivoting framework

Project description

Pivotr - A remote command execution framework

Pivotr's initial aim is to simplify the task of maintaining SSH connections throughout a network environment. These connections, which we refer to as 'nodes', are stored in an encrypted file as a list of objects. Each object currently contains only very basic data about its node: a node ID (which is also the node's index in the list), the node's IP address, and, optionally, a username and password if SSH credentials are known.

Stage 1 - Nodes:

  • Implement basic node manipulation, including the ability to add, delete, modify, view nodes
  • Implement basic node data persistence (in this case, pickling)
  • Successfully send single SSH commands or make SSH connections to nodes with credentials
  • Implement pivot functionality so that connections requiring jumps between nodes are seamless
  • Encrypt all stored data given the need for stored credentials to nodes
  • Add 'mapping' functionality to display a basic map of connected nodes via CLI (aesthetically differentiates between nodes with credentials and nodes without)
  • Add uploading/downloading to/from nodes via SCP
  • Implement a 'snapshot' feature to allow us to save encrypted node data to be utilized later if necessary
  • Introduce ping-sweep feature that scans for hosts on a node's subnet and adds all new discoveries as nodes without credentials
  • Work on input validation and clean up code

Stage 2 - Agents:

  • Implement a master server process to listen for incoming 'reverse' connections
  • Add to node object variables in order to account for much larger data sets provided by agents (see next bullet point)
  • Design 'agent' executables that, when run, connect back to our pivotr server. These agents will be the hallmark of any non-ssh functionality and will include features such as:
    • The ability to harvest data from their respective hosts and transmit the data back to our pivotr server for safekeeping
    • Remain persistent and callback to the pivotr server after a connection is lost
    • Utilize IDS/IPS avoidance and obfuscation to maintain persistence
    • Transmit data via encrypted channels
    • Cross-platform, non-OS-specific implementation
    • Integration into current node object schema and mapping functionality

Stage 3 - Profit

  • ?


Setup

Clone this project:

git clone https://gitlab.com/maturon/pivotr

Enter the new project file:

cd pivotr

Create a virtual environment for all dependencies and activate environment:

python -m venv .
source bin/activate

Install dependencies:

pip install -r requirements.txt

Note: may implement this as a more portable executable with pip install -U pyinstaller and pyinstaller pivotr.py

Pivotr basics

Help:

pivotr.py -h

Show map of all nodes we currently know about (hard lines are credentialed hosts, dotted lines have no credentials):

pivotr.py -m

╭─────────────────╮
│n0 - pivotr      │
│  192.168.1.150  │
╰───────────┬─────╯
            ├──┤n1
            │     192.168.1.1
            ├──┤n2
            │     192.168.1.59
            │  ╭─────────────────╮
            ├──┤n3               │
            │  │  192.168.1.170  │
            │  ╰─────────┬───────╯
            │            ├──┤n4
            │            │     10.0.2.3
            │            │  ╭─────────────────╮
            │            ├──┤n5               │
            │            │  │  10.0.2.1       │
            │            │  ╰─────────┬───────╯
            │            │            │  ╭─────────────────╮
            │            │            ╰──┤n10              │
            │            │               │  172.6.12.15    │
            │            │               ╰─────────────────╯
            │            ├──┤n6
            │            │     10.0.2.4
            │            ├──┤n7
            │            │     10.0.2.2
            │            │  ╭─────────────────╮
            │            ╰──┤n8               │
            │               │  10.0.2.5       │
            │               ╰─────────────────╯
            ╰──┤n9
                  1.2.3.4

Since our host is node 0 (n0) by default, run a ping sweep from n0 to map our subnet (check whether the ping sweep was successful by running pivotr.py -m afterward):

pivotr.py -n0 -S

Add known SSH credentials to node 10:

pivotr.py -n10 -e

Current node values:
    1) IP addr:   172.6.12.15
    2) UN:        jsmith
    3) PW:        
    4) Exit:

Select property to edit: 3

New password: ************

Node 10 successfully modified.

Send command uname -a to node 10 via SSH:

pivotr.py -n10 -c "uname -a"

Make SSH connection to node 10:

pivotr.py -n10 -i

jsmith@172.6.12.15$

Save our current node data set for later use in ./snapshots directory:

pivotr.py -s

Use a data set from ./snapshots (which replaces current data set at /tmp/nodes.data):

./pivotr.py -f ./snapshots/2024-01-15_114534-nodes.data
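
The node file holds SSH credentials, and a snapshot passed to -f replaces the working data set, so the file should be authenticated before it is parsed: unpickling a file that someone else could have written can run code embedded in it. The following is an added example, not pivotr's own code, showing a load path that checks an HMAC tag first, parses JSON instead of a pickle, and writes the file owner-only. The file layout, field names and function names are assumptions, and the encryption layer the project describes is left out to keep the example on the authenticate-then-parse step.

```python
import hashlib, hmac, ipaddress, json, os, secrets

MAGIC = b"NODES1"  # constructed format tag, not pivotr's file format
FIELDS = {"id", "ip", "username", "password"}  # assumed node fields

def _mac(passphrase, salt, body):
    # Key derived from the operator's passphrase; the tag covers tag, salt and body.
    key = hashlib.pbkdf2_hmac("sha256", passphrase.encode(), salt, 200_000)
    return hmac.new(key, MAGIC + salt + body, hashlib.sha256).digest()

def save_nodes(path, nodes, passphrase):
    salt = secrets.token_bytes(16)
    body = json.dumps(nodes).encode()
    tmp = f"{path}.{secrets.token_hex(4)}.tmp"
    # O_EXCL refuses a pre-planted file or symlink (relevant in a shared
    # directory such as /tmp); mode 0o600 keeps other local users out.
    fd = os.open(tmp, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    with os.fdopen(fd, "wb") as fh:
        fh.write(MAGIC + salt + _mac(passphrase, salt, body) + body)
    os.replace(tmp, path)  # atomic swap; replaces a symlink rather than following it

def load_nodes(path, passphrase):
    with open(path, "rb") as fh:
        blob = fh.read()
    if len(blob) < 54 or not blob.startswith(MAGIC):
        raise ValueError("not a node data file")
    salt, tag, body = blob[6:22], blob[22:54], blob[54:]
    # Verify the tag before any parsing, so a swapped snapshot is never decoded.
    if not hmac.compare_digest(tag, _mac(passphrase, salt, body)):
        raise ValueError("authentication failed")
    nodes = json.loads(body)
    if not isinstance(nodes, list):
        raise ValueError("unexpected node list")
    for index, node in enumerate(nodes):
        # The node ID doubles as the list index, so the two must agree.
        if not isinstance(node, dict) or set(node) != FIELDS or node["id"] != index:
            raise ValueError(f"bad node record at position {index}")
        ipaddress.ip_address(str(node["ip"]))  # raises ValueError on a bad address
    return nodes

# Constructed sample data; ids and addresses match the first two nodes on the map.
SAMPLE = [
    {"id": 0, "ip": "192.168.1.150", "username": None, "password": None},
    {"id": 1, "ip": "192.168.1.1", "username": None, "password": None},
]
```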


Contact

Maturon Miner - maturon@gmail.com

Download files


Source Distribution

pivotr-0.0.2.post3.tar.gz (54.4 kB)

Uploaded Source

Built Distribution

pivotr-0.0.2.post3-py3-none-any.whl (43.0 kB)

Uploaded Python 3

File details

Details for the file pivotr-0.0.2.post3.tar.gz.

File metadata

  • Download URL: pivotr-0.0.2.post3.tar.gz
  • Upload date:
  • Size: 54.4 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/5.0.1.dev0+g94f810c.d20240510 CPython/3.12.4

File hashes

Hashes for pivotr-0.0.2.post3.tar.gz
Algorithm Hash digest
SHA256 591ecf75499f3913db911cbf54f71ab29aabca6de85dc5f72b8a45a768ce888c
MD5 8774f02aeea2feef388982a114faa16f
BLAKE2b-256 6e3aecceb2b88e4bd09d02da9c454482c3bf765b2453f3a0e0f0c0807f1e2510


File details

Details for the file pivotr-0.0.2.post3-py3-none-any.whl.

File metadata

  • Download URL: pivotr-0.0.2.post3-py3-none-any.whl
  • Upload date:
  • Size: 43.0 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/5.0.1.dev0+g94f810c.d20240510 CPython/3.12.4

File hashes

Hashes for pivotr-0.0.2.post3-py3-none-any.whl
Algorithm Hash digest
SHA256 5eb505be6cd08d97bf1dc9078dd82ec39d56b2f892de06aa0257cbbaddda2eac
MD5 ec094d9c3fa8c0c9a6ddd2bd2b4ed3d0
BLAKE2b-256 a63669d59612f4a8afb0131f23ab3fc50ee347ab746ceff3df17e17e86bfe3ff

