Circo Versions Save

Cisco Implant Raspberry Controlled Operations

v2.020

3 years ago
  • Python 3
  • Modular Code
  • New exfiltration method (FM)
  • Support net-creds
  • Capture VoIP RTP traffic (tapping phone calls)
  • Capture SIP hash
  • Spoof MAC/IP for exfiltration
  • Support any TCP port for exfiltration

v1.5

4 years ago
  • Allow existing IP-Phone to co-exist with CIRCO
  • Eliminate template files (craft all packets)
  • Support NTP exfiltration
  • Software encrypted via Bluetooth (prevent forensic)
  • Self destroy and alarm switch
  • Bypass active & passive fingerprinting (NAC)
  • Credentials integration into Faraday

v1.4

5 years ago
  • Add Proxy Exfiltration (DHCP 252, WPAD, DNS Guessing)
  • Include source IP as exfiltration fields (hex to dotted format)
  • Replace switch template from 3850 to 2960 switch
  • Add support for clients sending only \r (telnetd/sshd) instead \n\r
  • Remove DHCP temp files
  • Create Classes & Threading per exfiltration in carpa
  • Remove _v1 from directory and programs
  • Add Wiki section (Install/Usage/Hardware/Demo)

v1.2

5 years ago
  • Bring CIRCO live into Github after AV Tokyo 2018 presentation

v1.3

5 years ago
  • Add LLDP daemon as a IP-Phone/Switch and IOS command support
  • Add random delay for exfiltration packets for DEBUG mode
  • Include full path for config files