Situatie

magic-wormhole is a command-line tool that allows two computers to securely transfer a file or short message through a simple, human-readable code. It is designed to be:

-Easy to use via CLI: wormhole send file.txt → receive with wormhole receive
-Transfers are encrypted, peer-to-peer (or via a relay if needed).
-No user accounts or persistent connections.
-Can send directories (–code, –hide-progress available).
-Works on Linux, macOS, Windows, and even Raspberry Pi.

Real Use Cases:
Share sensitive files securely without needing cloud services.
Drop a script or payload into a target machine in red-team/pentest environments (covert file exfiltration).
Air-gapped environments where traditional networking is blocked but outbound DNS or HTTP exists.

Built into Kali Linux
You can run it without installing anything

How does it work?
1.The sender and receiver each run magic-wormhole in the terminal.
2.The sender is shown a one-time “wormhole code” like 7-orange-tunnel.
3.The receiver enters that same code into their own wormhole command.
4.Both sides use this code to derive a shared cryptographic key using PAKE (Password-Authenticated Key Exchange).
5.This key encrypts the file or message and sends it directly over a secure connection.
It uses:
-SPAKE2 protocol for key agreement.
-libsodium (NaCl) for authenticated encryption (Curve25519 + XSalsa20-Poly1305).
-Transit relay server (if direct peer-to-peer fails).

Solutie

Tip solutie

Permanent