{"id":18657569,"url":"https://github.com/kav-k/cnccommandmodule","last_synced_at":"2025-04-11T18:31:34.984Z","repository":{"id":146343796,"uuid":"193409882","full_name":"Kav-K/CNCCommandModule","owner":"Kav-K","description":"Seamlessly control multiple servers from one commanding program","archived":false,"fork":false,"pushed_at":"2023-10-24T04:40:16.000Z","size":91,"stargazers_count":8,"open_issues_count":0,"forks_count":1,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-03-25T17:07:18.494Z","etag":null,"topics":["client","command-and-control","communication","encryption","gradle","java","kryo","kryonet","networking","rsa","rsa-cryptography","serialization","server","sha256","tcp","tcp-client","tcp-server"],"latest_commit_sha":null,"homepage":"","language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Kav-K.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2019-06-24T00:43:09.000Z","updated_at":"2023-03-03T11:01:51.000Z","dependencies_parsed_at":null,"dependency_job_id":"7c29bcee-faf6-414c-ab23-61f36fdc1d00","html_url":"https://github.com/Kav-K/CNCCommandModule","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Kav-K%2FCNCCommandModule","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Kav-K%2FCNCCommandModule/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Kav-K%2FCNCCommandModule/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Kav-K%2FCNCCommandModule/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Kav-K","download_url":"https://codeload.github.com/Kav-K/CNCCommandModule/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248458501,"owners_count":21107088,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["client","command-and-control","communication","encryption","gradle","java","kryo","kryonet","networking","rsa","rsa-cryptography","serialization","server","sha256","tcp","tcp-client","tcp-server"],"created_at":"2024-11-07T07:29:02.979Z","updated_at":"2025-04-11T18:31:34.975Z","avatar_url":"https://github.com/Kav-K.png","language":"Java","funding_links":[],"categories":[],"sub_categories":[],"readme":"# CNCClientModule\n\nThis is the Command-And-Control communication program that I have written in Java, this was made near 2019.\n\nCommand-And-Control allows you to control multiple machines running a Linux-style operating system from one commanding machine.\n\n## Features\n- Command server can send commands to be executed on all clients at once\n- Displays the status of individual clients when sending commands\n- Displays output for all clients individually when executing a command\n- Clients automatically reconnect to command if the command server is offline for x time, or undergoes an update\n- Kill function to terminate all clients\n- Reconnection feature (Reconnect clients manually from command)\n- Secure SHA256-RSA Keypair authentication between the server and the client to make sure unauthorized commands are not executed\n## Usage\n To use the CNC system, simply type commands into the server console and it will be propagated to all clients\n - \"(LINUX TERMINAL COMMAND) - Sends the command to all connected clients and returns the output of each client. E.g, if you wanted to create a file called test.txt in the root directory of all clients, you'd simply type in \"touch /root/test.txt\" in the server console\"\n \n Custom global functions will start with a forward slash (/) and are listed below\n - \"/KILL\" - Disconnect all clients attached to server\n - \"/RECONNECT\" - Forces all clients to reconnect (and also to reobtain the server public key)\n - \"/LIST\" - Lists all the clients connected to the command server\n - \"/INFO\" - Returns the system information and statistics of all the clients connected to the command server\n \n ## Todo\n - Send commands to individual clients only (WIP)\n - Start clients on system startup\n - Two way authentication with the client acting as an authentication SOURCE\n ## How To Use\n - Build the CNCCommandModule\n - Build the CNCClientModule after replacing the COMMANDIP and COMMANDPORT fields in Main.java with the respective ip and port of your command module\n - Run the jars on the servers you want connected\n - Done! (Simple right?)\n \n \n ## Security\n This system is NOT cryptographically secure but does have a system of verification to ensure that server Command requests are authentic. The current security implementation involves the client sending a KeyRequest to the server. The server will then send back a copy of its public key to the client. Authentic communication from the designated server will have a digital signature attached to it, and will be verified on the client side before commands are executed.\n \n - Client sends a KeyRequest to the COMMANDIP, if accepted by the server, the server will send back a PublicKeyTransmission object.\n - Client will check if the PublicKeyTransmission object was sent from the COMMANDIP, and will write the public key into a file.\n - All commands sent from the command server will be digitally signed by its private key\n - All commands to be executed on clients will be validated by using the public key, and only valid commands will execute on the client side\n - The public and private keypairs use the SHA-256 hashing algorithm with RSA, which has not been compromised yet, unlike the SHA1 algorithm.\n \n In addition to the above, the command server, once authenticated with a client, will continuously send authentication updates to a client, the moment the server gets turned off or can't be reached, clients will immediately be deauthenticated and will try to reauthenticate with command. This is useful in preventing man-in-the-middle attacks.\n \n This system is however NOT fully cryptographically secure, and I advise against using this in applications where sensitive commands and information is involved.\n \n ## Kryonet\n This project uses the kryonet library from EsotericSoftware (https://github.com/EsotericSoftware/kryonet) Kryonet is an asynchronous communication library for Java built upon Java NIO and makes communication throughout this program seamless.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fkav-k%2Fcnccommandmodule","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fkav-k%2Fcnccommandmodule","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fkav-k%2Fcnccommandmodule/lists"}