Domino

View on Github

Description as a Tweet:

Peer to peer communication with AWS, with some white-hat hacking for in-depth computer control.

Inspiration:

We decided to take the Hack in Hack UMass literally. We are also both interested cybersecurity and exploiting the vulnerabilities of computers.

What it does:

We run a server on a AWS VirtualMachine for a secure file transfer between two clients. We also set up a Malicious code that gives an attacker full control over a computer. You can access full file system, audio player , video player, key logger, mouse movement, screen capture, webcam, and keyboard. As well as the ip of the victim getting there location.

How we built it:

We developed two separate "protocols" one which allows to clients to knowingly transfer files. The other is more malicious in that the victim doesn't know the attacker is connected to them putting the victim in a less than ideal situation. There are a few commands that attacker can utilize such as get webcam recording, screen recording, access to the victim's file system, and more.

Technologies we used:

  • Python

Challenges we ran into:

Getting AWS to work.
Piping commands from one computer to the other.
Ordering of network requests.

Accomplishments we're proud of:

Seeing the live results of a computer being controlled is both scary yet fascinating since given 36 hours we could take control of someones computer.

What we've learned:

A lot about network and socket programming. Security protocols on a computer.

What's next:

File Transfer Protocol:
Peer-Peer: Ability to connect directly without the need for a server for an incredibly secure connection
RSA Encryption so avoid a data breach by packet sniffing
Peer Authentication
GUI

Malicious Connection
Record the victims microphone
A wider breadth of command line tools for the attacker
Compile down to executables for portability
A method to load this malicious software on a peer's whether it is being distributed through something like a spam email or a false application that runs this software secretly

Built with:

Python
VSCode
AWS
Unix Command Line

Prizes we're going for:

  • Best Software Hack
  • Best Use of AWS
  • Best Venture Pitch
  • Best Security Hack

Prizes Won

Best Security Hack

Team Members

Gary Szekely
Ray Castillo

Table Number

Table 45 (TBL)