.. /BTunnels
Star

Broken Tunnels enables insiders as well as threat actors to expose local ports, local file system, local application over the internet via btunnels dynamic tunnel URLs.

Paths:

Downloaded version of Btunnels, which gets executed anywhere on the system.

Resources:

Acknowledgements:

Kamran Saifullah (@deFr0ggy)

Detections:

Domain: *.btunnel.co.in
Domain: *.btunnel.in
Sigma: https://github.com/search?q=repo%3ASigmaHQ%2Fsigma+9e02c8ec-02b9-43e8-81eb-34a475ba7965&type=code
Command: Execution of the binary and/or with arguments.

Exfiltration

This will generate tunnels link while exposing the local filesystem as a Directory Listing.
```
btunnel.exe file --key <API-KEY>
```
Use case
Exposing file system over the internet.

Privileges required
User

Operating systems
Windows, Mac, Linux

Access

This will generate tunnels link binding it to the local service running on the provided port. Can be used to expose local services, web applications and local files etc.
```
btunnel.exe http --key <API-KEY>
```
Use case
Exposing local services, ports, web applications etc. over the internet.

Privileges required
User

Operating systems
Windows, Mac, Linux

Phishing

By simply hosting a phishing website locally, it is possible to expose it via BTunnels Domain.
```
btunnel.exe http --key <API-KEY>
```
Use case
Hosting phishing sites locally and exposing them via BTunnels URLs.

Privileges required
User

Operating systems
Windows, Mac, Linux

Download

By simply hosting a malicious binaries/payloads locally it is possible to expose them via BTunnels domains.
```
btunnel.exe http --key <API-KEY>
```
Use case
Hosting malicious binaies/payloads locally and exposing them via BTunnels URLs.

Privileges required
User

Operating systems
Windows, Mac, Linux