invizible: Covert Channel File Transfer

Registered 2011-04-20 by Wes Kenzie

invizible is a file transfer program which allows copying of any files readable from any client machine to any remote machine using standard, unaltered DNS lookups/queries as its covert channel. A copy of the program must be run on both the originating (client) machine, and the destination (server) machine, with the server running/listening before the client starts the transfer. Raw sockets are used on the client, and the pcap library is used on the server so no listening ports and no tcp connections are required or used. The client needs to be able to send to a DNS server port 53. The server needs to be able to receive responses from a DNS server port 53. The in-progress file transfer is essentially undetectable from any point along the communications path. The source of the file transfer is also essentially undetectable.

This is a project based on the ideas presented in the covert_tcp.c program created by Craig H. Rowland in 1996 to allow arbitrary file transfers over covert channels by using the IP header identification field. Rather than using TCP, as Rowland did, invizible uses UDP packets bounced off any DNS server(s) for various lookup request/queries and maps these requests to an internal representation of the characters.

Project information

Maintainer:
Wes Kenzie
Driver:
Wes Kenzie
Development focus:

trunk series 

lp:invizible 
Browse the code

Programming Languages:
C
Licences:
Simplified BSD Licence
()

RDF metadata

View full history Series and milestones

Invizible file transfer program trunk series is the current focus of development

All bugs Latest bugs reported

Downloads

Invizible file transfer program does not have any download files registered with Launchpad.

Announcements