link is a command and control framework written in rust

Last update: Dec 24, 2022

Overview

link

link is a command and control framework written in rust. Currently in alpha.

Introduction
Features
Feedback
Build Process
Acknowledgments

Introduction

At this stage of development, link provides a Windows implant only which lacks evasive tradecraft provided by other more mature command and control frameworks.

Tested on Linux only.

Features

Hopefully this list expands for humans to actually want to use this:

HTTPS communication
Process injection
In-memory .NET assembly execution
SharpCollection tools
sRDI implementation for shellcode generation

Feedback

link is currently not even in beta, but fo feel free to file an issue.

Build Process

Clone or download the repo
cargo run if you are eager to run it right now
cargo build --release to build the link server executable

For more information checkout Installation and Usage.

Acknowledgments

A non-exhaustive list of those who have in some way inspired this project by means of writing code, snippets, ideas or inspiration:

@rust
@moloch--
@djhohnstein
@lesnuages
@Flangvik
@monoxgas
@b4rtik

Comments

generate-osx issue

🔗 > generate-osx xxx:xxx first osx link build will take time building osx cross compilation dependencies osxcross cloned OSX 10.11 SDK downloaded updated clang build building osxcross... this will take a while osxcross built please wait... No such file or directory (os error 2) No such file or directory (os error 2)

I have this issue on macOS, Kali, CentOS
question

opened by starryloki 5
cargo not installed, the following command may help:

cargo not installed, the following command may help: curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh

Hello, my local virtual machine can run this project, but VPS is suitable for Kali and cannot run. After running, it will be displayed as above

opened by jiexiaobai 4

rustup does not have x86_64-pc-windows-gnu target

Hi, when I try to generate a windows link I get:

> generate 10.10.10.10:8443
rustup does not have x86_64-pc-windows-gnu target, the following command may help:
rustup target add x86_64-pc-windows-gnu

However, I do. Here's my cargo config. Any tip?

$ cat .cargo/config 
[target.x86_64-pc-windows-gnu]
linker = "/usr/bin/x86_64-w64-mingw32-gcc"
ar = "/usr/x86_64-w64-mingw32/bin/ar"

Thank you.

opened by ctfpwner 4

kali can not run it

when finished all install ./link run it
it feedfack erros like： im not use root to install it

Please provide bind address (eg: 0.0.0.0:443): thread '' panicked at 'called Result::unwrap() on an Err value: ErrorStack([Error { code: 33558530, library: "system library", function: "fopen", reason: "No such file or directory", file: "../crypto/bio/bss_file.c", line: 288, data: "fopen('cert/key.pem','r')" }, Error { code: 537346050, library: "BIO routines", function: "file_ctrl", reason: "system lib", file: "../crypto/bio/bss_file.c", line: 290 }, Error { code: 336265218, library: "SSL routines", function: "SSL_CTX_use_PrivateKey_file", reason: "system lib", file: "../ssl/ssl_rsa.c", line: 521 }])', src/server/spawn.rs:34:14 note: run with RUST_BACKTRACE=1 environment variable to display a backtrace

i can't find any information from google！

thanks for your response?^_^ Have a nice day !
bug duplicate

opened by wiwei132 3
Could not find tool, even after running sharp init and re-installing link.

Interacting with the links works fine, but when I go to run something like sharp init svchost winPEAS it dumps could not find tool, at the main menu the following command may help: sharp init. Whenever I run that command it just prints updating sharpcollection and nothing changes. Am I doing something wrong?
bug question

opened by grag1337 2
i can not run it

Please provide bind address (eg: 0.0.0.0:443): 0.0.0.0:443 thread '' panicked at 'called Result::unwrap() on an Err value: ErrorStack([Error { code: 33558530, library: "system library", function: "fopen", reason: "No such file or directory", file: "../crypto/bio/bss_file.c", line: 288, data: "fopen('cert/key.pem','r')" }, Error { code: 537346050, library: "BIO routines", function: "file_ctrl", reason: "system lib", file: "../crypto/bio/bss_file.c", line: 290 }, Error { code: 336265218, library: "SSL routines", function: "SSL_CTX_use_PrivateKey_file", reason: "system lib", file: "../ssl/ssl_rsa.c", line: 521 }])', src/server/spawn.rs:34:14
bug

opened by ShimizuKawasaki 2
generate fail for windows

🔗 > generate 1.1.1.1:443 please wait... link successfully built No such file or directory (os error 2) No such file or directory (os error 2) Could not find DLL

opened by M00nT0 1
Could not find DLL

hi postrequest: when i install it on my ubuntu 18.04 use default kali-install.sh report """"Could not find DLL...."""" this error report sooo simple!

hava a nice day !
question wontfix

opened by wiwei132 1
Cannot load amsi.dll Failed

A Shell pop up when I use sharp SharpKatz --Command logonpasswords. then error shows Cannot load amsi.dll Failed pMethodInfo->Invoke_3 w/hr 0x80131604. How can i fix it?
bug

opened by Fankaren 1
What is the reason for this error?
`root@CzTeam:~/LinkAkihi/link-main# ./target/release/link

.-') _ .-. .-') ( OO ) ) \ ( OO )

,--. ,-.-') ,--./ ,--,' ,--. ,--. | |.-') | |OO) | \ | |\ | .' / | | OO ) | | \ | | | ) | /, | |-' | | |(_/ | . |/ | ' _) (| '---.' ,| |_.' | |\ | | . \ | | (_| | | | \ | | |\ \------' --'--' --'--' '--' Start web server (Y/n)? y starting server Please provide bind address (eg: 0.0.0.0:443): 【Cloud server public network IP】:19991 Could not bind to 【Cloud server public network IP】:19991: Cannot assign requested address (os error 99) ` What is the reason for this error?
opened by Air-m1 1
veil migt be worth a look

veil evasion

https://github.com/topics/antivirus-evasion

https://github.com/PushpenderIndia/crypter

https://github.com/KooroshRZ/Evader cpp

https://github.com/NishanthSpShetty/crust transpiler cpp > rust...
enhancement

opened by necrose99 1

Update dependencies to fix vulnerabilities

Hello,

Running cargo audit against the project raises 3 vulnerabilities from dependencies:

┌──(kali㉿kali)-[~/link]
└─$ cargo audit              
    Fetching advisory database from `https://github.com/RustSec/advisory-db.git`
      Loaded 461 security advisories (from /home/kali/.cargo/advisory-db)
    Updating crates.io index
    Scanning Cargo.lock for vulnerabilities (245 crate dependencies)
Crate:     nix
Version:   0.19.1
Title:     Out-of-bounds write in nix::unistd::getgrouplist
Date:      2021-09-27
ID:        RUSTSEC-2021-0119
URL:       https://rustsec.org/advisories/RUSTSEC-2021-0119
Solution:  Upgrade to ^0.20.2 OR ^0.21.2 OR ^0.22.2 OR >=0.23.0
Dependency tree:
nix 0.19.1
└── rustyline 7.1.0
    └── link 0.1.0

Crate:     time
Version:   0.1.44
Title:     Potential segfault in the time crate
Date:      2020-11-18
ID:        RUSTSEC-2020-0071
URL:       https://rustsec.org/advisories/RUSTSEC-2020-0071
Solution:  Upgrade to >=0.2.23
Dependency tree:
time 0.1.44
└── chrono 0.4.22
    └── link 0.1.0

Crate:     tokio
Version:   0.2.25
Title:     Data race when sending and receiving after closing a `oneshot` channel
Date:      2021-11-16
ID:        RUSTSEC-2021-0124
URL:       https://rustsec.org/advisories/RUSTSEC-2021-0124
Solution:  Upgrade to >=1.8.4, <1.9.0 OR >=1.13.1
Dependency tree:
tokio 0.2.25
├── trust-dns-resolver 0.19.7
│   └── actix-connect 2.0.0
│       └── actix-http 2.2.2
│           ├── awc 2.0.3
│           │   └── actix-web 3.3.3
│           │       └── link 0.1.0
│           └── actix-web 3.3.3
├── trust-dns-proto 0.19.7
│   ├── trust-dns-resolver 0.19.7
│   └── actix-connect 2.0.0
├── tokio-util 0.3.1
│   ├── h2 0.2.7
│   │   └── actix-http 2.2.2
│   └── actix-codec 0.3.0
│       ├── awc 2.0.3
│       ├── actix-web 3.3.3
│       ├── actix-utils 2.0.0
│       │   ├── actix-web 3.3.3
│       │   ├── actix-tls 2.0.0
│       │   │   ├── actix-web 3.3.3
│       │   │   └── actix-http 2.2.2
│       │   ├── actix-server 1.0.4
│       │   │   ├── actix-web 3.3.3
│       │   │   └── actix-testing 1.0.1
│       │   │       └── actix-web 3.3.3
│       │   ├── actix-http 2.2.2
│       │   └── actix-connect 2.0.0
│       ├── actix-tls 2.0.0
│       ├── actix-server 1.0.4
│       ├── actix-http 2.2.2
│       └── actix-connect 2.0.0
├── tokio-openssl 0.4.0
│   ├── actix-tls 2.0.0
│   └── actix-connect 2.0.0
├── h2 0.2.7
├── actix-rt 1.1.1
│   ├── awc 2.0.3
│   ├── actix-web 3.3.3
│   ├── actix-utils 2.0.0
│   ├── actix-testing 1.0.1
│   ├── actix-server 1.0.4
│   ├── actix-http 2.2.2
│   └── actix-connect 2.0.0
└── actix-codec 0.3.0

Crate:     net2
Version:   0.2.37
Warning:   unmaintained
Title:     `net2` crate has been deprecated; use `socket2` instead
Date:      2020-05-01
ID:        RUSTSEC-2020-0016
URL:       https://rustsec.org/advisories/RUSTSEC-2020-0016
Dependency tree:
net2 0.2.37
├── miow 0.2.2
│   └── mio 0.6.23
│       ├── tokio 0.2.25
│       │   ├── trust-dns-resolver 0.19.7
│       │   │   └── actix-connect 2.0.0
│       │   │       └── actix-http 2.2.2
│       │   │           ├── awc 2.0.3
│       │   │           │   └── actix-web 3.3.3
│       │   │           │       └── link 0.1.0
│       │   │           └── actix-web 3.3.3
│       │   ├── trust-dns-proto 0.19.7
│       │   │   ├── trust-dns-resolver 0.19.7
│       │   │   └── actix-connect 2.0.0
│       │   ├── tokio-util 0.3.1
│       │   │   ├── h2 0.2.7
│       │   │   │   └── actix-http 2.2.2
│       │   │   └── actix-codec 0.3.0
│       │   │       ├── awc 2.0.3
│       │   │       ├── actix-web 3.3.3
│       │   │       ├── actix-utils 2.0.0
│       │   │       │   ├── actix-web 3.3.3
│       │   │       │   ├── actix-tls 2.0.0
│       │   │       │   │   ├── actix-web 3.3.3
│       │   │       │   │   └── actix-http 2.2.2
│       │   │       │   ├── actix-server 1.0.4
│       │   │       │   │   ├── actix-web 3.3.3
│       │   │       │   │   └── actix-testing 1.0.1
│       │   │       │   │       └── actix-web 3.3.3
│       │   │       │   ├── actix-http 2.2.2
│       │   │       │   └── actix-connect 2.0.0
│       │   │       ├── actix-tls 2.0.0
│       │   │       ├── actix-server 1.0.4
│       │   │       ├── actix-http 2.2.2
│       │   │       └── actix-connect 2.0.0
│       │   ├── tokio-openssl 0.4.0
│       │   │   ├── actix-tls 2.0.0
│       │   │   └── actix-connect 2.0.0
│       │   ├── h2 0.2.7
│       │   ├── actix-rt 1.1.1
│       │   │   ├── awc 2.0.3
│       │   │   ├── actix-web 3.3.3
│       │   │   ├── actix-utils 2.0.0
│       │   │   ├── actix-testing 1.0.1
│       │   │   ├── actix-server 1.0.4
│       │   │   ├── actix-http 2.2.2
│       │   │   └── actix-connect 2.0.0
│       │   └── actix-codec 0.3.0
│       ├── mio-uds 0.6.8
│       │   ├── tokio 0.2.25
│       │   └── actix-server 1.0.4
│       └── actix-server 1.0.4
└── mio 0.6.23

Crate:     stdweb
Version:   0.4.20
Warning:   unmaintained
Title:     stdweb is unmaintained
Date:      2020-05-04
ID:        RUSTSEC-2020-0056
URL:       https://rustsec.org/advisories/RUSTSEC-2020-0056
Dependency tree:
stdweb 0.4.20
└── time 0.2.27
    ├── cookie 0.14.4
    │   └── actix-http 2.2.2
    │       ├── awc 2.0.3
    │       │   └── actix-web 3.3.3
    │       │       └── link 0.1.0
    │       └── actix-web 3.3.3
    ├── actix-web 3.3.3
    └── actix-http 2.2.2

Crate:     term
Version:   0.5.2
Warning:   unmaintained
Title:     term is looking for a new maintainer
Date:      2018-11-19
ID:        RUSTSEC-2018-0015
URL:       https://rustsec.org/advisories/RUSTSEC-2018-0015
Dependency tree:
term 0.5.2
└── prettytable-rs 0.8.0
    └── link 0.1.0

Crate:     link
Version:   0.1.0
Warning:   yanked
Dependency tree:
link 0.1.0

error: 3 vulnerabilities found!
warning: 4 allowed warnings found

BR, Nariod

opened by Nariod 0

Owner

GitHub

Semi-automatic OSINT framework and package manager

sn0int sn0int (pronounced /snoɪnt/) is a semi-automatic OSINT framework and package manager. It was built for IT security professionals and bug hunter

1.4k Dec 31, 2022

Record and Replay Framework

Overview rr is a lightweight tool for recording, replaying and debugging execution of applications (trees of processes and threads). Debugging extends

7.6k Jan 1, 2023

Rust implementation of The Update Framework (TUF)

rust-tuf A Rust implementation of The Update Framework (TUF). Full documentation is hosted at docs.rs. Warning: Beta Software This is under active dev

152 Dec 11, 2022

A fuzzer framework built in Rust

lain This crate provides functionality one may find useful while developing a fuzzer. A recent nightly Rust build is required for the specialization f

469 Dec 9, 2022

Binary Analysis Framework in Rust

Welcome to Falcon Falcon is a formal binary analysis framework in Rust. Expression-based IL with strong influences from RREIL and Binary Ninja's LLIL.

489 Dec 18, 2022

Rust TLS/SSL certificate expiration date from command-line checker

9 Nov 9, 2022

Bindings to the macOS Security.framework

macOS/iOS Security framework for Rust Documentation Bindings to the Apple's Security.framework. Allows use of TLS and Keychain from Rust. License Lice

172 Jan 2, 2023

A simple command line tool which quickly audits the Disallow entries of a site's robots.txt.

Domo Arigato A simple command line tool which quickly audits the Disallow entries of a site's robots.txt. Disallow entries can be used to stop search

20 Apr 17, 2023

An esoteric language/compiler written with Rust and Rust LLVM bindings

MeidoLang (メイドラング) A not so useful and esoteric language. The goal of this project was to contain some quirky or novel syntax in a stack-style program

0 Dec 24, 2021

OpenSK is an open-source implementation for security keys written in Rust that supports both FIDO U2F and FIDO2 standards.

OpenSK This repository contains a Rust implementation of a FIDO2 authenticator. We developed OpenSK as a Tock OS application. We intend to bring a ful

2.4k Jan 7, 2023

Attempts to suspend all known AV/EDRs processes on Windows using syscalls and the undocumented NtSuspendProcess API. Made with <3 for pentesters. Written in Rust.

Ronflex Attempts to suspend all known AV/EDRs processes on Windows using syscalls and the undocumented NtSuspendProcess API. Made with <3 for penteste