神刀安全网

Gdog – Python Windows Backdoor With Gmail Command & Control

Gdog is a stealthy Python Windows backdoor that uses Gmail as a command and control server. It’s inspired by Gcat and pushes a little beyond a proof of concept, with way more features.

And don’t forget, Gcat also inspired Twittor – Backdoor Using Twitter For Command & Control.

Features

  • Encrypted transportation messages (AES) + SHA256 hashing
  • Generate computer unique id using system information/characteristics (SHA256 hash)
  • Job IDs are random SHA256 hashes
  • Retrieve system information
  • Retrieve geolocation information (city, country, lat, long, etc.)
  • Retrieve running processes/system services/system users/devices (hardware)
  • Retrieve list of clients
  • Execute system command
  • Download files from client
  • Upload files to client
  • Execute shellcode
  • Take screenshot
  • Lock client’s screen
  • Keylogger
  • Lock remote computer’s screen
  • Shutdown/Restart remote computer
  • Log off current user
  • Download file from the WEB
  • Visit website
  • Show message box to user

Usage

    optional arguments:
      -h, --help            show this help message and exit
      -v, --version         show program's version number and exit
      -id ID                Client to target
      -jobid JOBID          Job id to retrieve

      -list                 List available clients
      -info                 Retrieve info on specified client

    Commands:
      Commands to execute on an implant

      -cmd CMD              Execute a system command
      -visitwebsite URL     Visit website
      -message TEXT TITLE   Show message to user
      -tasks                Retrieve running processes
      -services             Retrieve system services
      -users                Retrieve system users
      -devices              Retrieve devices (Hardware)
      -download PATH        Download a file from a clients system
      -download-fromurl URL
                            Download a file from the web
      -upload SRC DST       Upload a file to the clients system
      -exec-shellcode FILE  Execute supplied shellcode on a client
      -screenshot           Take a screenshot
      -lock-screen          Lock the clients screen
      -shutdown             Shutdown remote computer
      -restart              Restart remote computer
      -logoff               Log off current remote user
      -force-checkin        Force a checkin
      -start-keylogger      Start keylogger
      -stop-keylogger       Stop keylogger

Requirements & Setup

For this to work you need:

  • Python 2.x
  • PyCrypto module
  • WMI module
  • Enum34 module
  • Netifaces module

And:

  • A Gmail account (Use a dedicated account! Do not use your personal one!)
  • Turn on “Allow less secure apps” under the security settings of the account.
  • You may also have to enable IMAP in the account settings.
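
For defenders, the setup above means the implant reaches Gmail over IMAP from a process that is not a mail client, and it checks in repeatedly. The following is an added example (not part of Gdog or the original post) that flags such processes in endpoint connection telemetry; the CSV log format, the mail-client allowlist, the threshold and the sample lines are all constructed assumptions.

```python
import csv
import io
import ntpath
from collections import Counter

# Assumed allowlist of sanctioned mail clients; adjust to your environment.
MAIL_CLIENTS = {"thunderbird.exe", "outlook.exe"}
MIN_CONNECTIONS = 3  # assumed threshold for "repeated check-in"

# Constructed sample of endpoint connection telemetry (not real data).
# Columns: timestamp, host, process image, destination host, destination port
SAMPLE_LOG = r"""
2016-05-02T09:00:01,WS-014,C:\Program Files\Mozilla Thunderbird\thunderbird.exe,imap.gmail.com,993
2016-05-02T09:01:10,WS-022,C:\Python27\pythonw.exe,imap.gmail.com,993
2016-05-02T09:03:10,WS-022,C:\Python27\pythonw.exe,imap.gmail.com,993
2016-05-02T09:05:11,WS-022,C:\Python27\pythonw.exe,imap.gmail.com,993
2016-05-02T09:05:30,WS-022,C:\Program Files\Google\Chrome\Application\chrome.exe,mail.google.com,443
2016-05-02T09:06:00,WS-031,C:\Users\alice\AppData\Local\Temp\updater.exe,imap.gmail.com,993
""".strip()


def suspicious_imap_clients(log_text, min_connections=MIN_CONNECTIONS):
    """Return {(host, image): count} for processes outside the mail-client
    allowlist that connect to Gmail IMAP at least min_connections times."""
    counts = Counter()
    for row in csv.reader(io.StringIO(log_text)):
        if len(row) != 5:
            continue  # skip malformed lines
        _ts, host, image, dest, port = (field.strip() for field in row)
        if dest.lower() != "imap.gmail.com" or port != "993":
            continue  # not Gmail IMAP over TLS
        if ntpath.basename(image).lower() in MAIL_CLIENTS:
            continue  # sanctioned mail client
        counts[(host, image)] += 1
    return {key: n for key, n in counts.items() if n >= min_connections}


if __name__ == "__main__":
    for (host, image), n in sorted(suspicious_imap_clients(SAMPLE_LOG).items()):
        print(f"{host}: {image} made {n} Gmail IMAP connections")
```

Lowering `min_connections` to 1 also surfaces one-off connections such as the `updater.exe` line in the sample, at the cost of more noise.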

Download/Install

    git clone https://github.com/maldevel/gdog
    pip install -r requirements.txt --user

You can download Gdog here:

gdog-v1.0.1.zip

Or read more here.
