Skip to content
/ x509 Public

Proof of concept framework for transferring a file over x509 extension covert channel

License

Notifications You must be signed in to change notification settings

ProbieK/x509

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

1 Commit
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

MalCert proof of concept to accompany blog post

This is a POC demonstrating a covert channel over x509 extensions framework written in GO, for the server and pcap this demonstration shows sending mimikatz over this covert channel to a client. The filename was hardcoded "mimikatz.bin". The PCAP is from a run using local loopback.

Blog: https://www.fidelissecurity.com/threatgeek/2018/02/exposing-x509-vulnerabilities Paper: vixra.org/abs/1801.0016

About

Proof of concept framework for transferring a file over x509 extension covert channel

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages