Skip to content
/ shiny-donut Public

Captures packets and streams them to other devices. Built for home network analysis and A&D CTFs.

4 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

melotic/shiny-donut

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

8 Commits
src
src
 
 
static
static
 
 
.gitignore
.gitignore
 
 
Cargo.lock
Cargo.lock
 
 
Cargo.toml
Cargo.toml
 
 
README.md
README.md
 
 

Repository files navigation

🍩 shiny-donut

shiny-donut is a packet capture app that supports streaming packets from a remote system to another device. The main use for this is to send pcaps to another device for other analysis, and Attack & Defend CTFs to monitor traffic.

Building

Build shiny-donut with the following command:

$ cargo build --release

The binary will be available in target/release/shiny-donut.

Modes

shiny-donuts supports two modes to capture packets, and one to receive them:

  1. Server mode: shiny-donut listens on a configurable port to receive packets from a remote system. Packets are then written to a pcap file on another machine.
  2. Client mode: shiny-donut streams pcaps to a remote system, who is listening for incoming connection from shiny-donut.
  3. Listen mode: This is used in conjuction with Client Mode. Listen mode spins up an HTTPS server, to which the client mode connects to and posts the PCAP data. This mode also supports capture packets from mulitple shiny-donut instances running in Client mode.

Server Mode

For server mode, first generate a HTTPS certificate with openssl:

openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 365

To run shiny-donut in server mode, run the following command:

shiny-donut server --password <PASSWORD> <PORT> <INTERFACE>

This spins up an HTTPS server with two endpoints: /, the index page, and /traffic. The index page is used to prove to the client that the server is a valid shiny-donut server. The traffic endpoint is used to receive packets from the client.

To connect to /traffic you must use the password as the username using HTTP basic authentication. Example with curl:

curl -u <PASSWORD>: -k https://<SERVER_IP>:<PORT>/traffic --output traffic.pcap

Client Mode

For client mode, first create a client that will actually recieve the packets. This can be done by running shiny-donut in listen mode on a server you'd like to recieve the packets on:

shiny-donut listen --password <PASSWORD> <PORT>

You'll first have to generate an HTTPS certificate with:

openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 365

Then, run the following command to stream packets from a device to the server:

shiny-donut client --password <PASSWORD> <SERVER_IP> <PORT>

Then, packets will be streamed to the file in data/<IP>.pcap on the server.

About

Captures packets and streams them to other devices. Built for home network analysis and A&D CTFs.

Resources

Readme
Activity

Stars

4 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages