Monday, April 22, 2019
Latest:

Haxf4rall

Computer Security, Hacking, Cyber awareness

Hack Tools Post Exploitation Remote Administration Tools Software 

Gcat – A stealthy Backdoor that uses Gmail as the C&C server

haxf4rall2017 , , ,

A stealthy Python based backdoor that uses Gmail as a command and control server.

Requirements

  • A Gmail account (Use a dedicated account! Do not use your personal one!)
  • Turn on “Allow less secure apps” under the security settings of the account

This repo contains two files:

  • gcat.py a script that’s used to enumerate and issue commands to available clients
  • implant.py the actual backdoor to deploy

In both files, edit the gmail_user and gmail_pwd variables with the username and password of the account you previously setup.

You’re probably going to want to compile implant.py into an executable using Pyinstaller

 

Usage

gcat 1

  • Once you’ve deployed the backdoor on a couple of systems, you can check available clients using the list command:

gcat 2

The output is a UUID string that uniquely identifies the system and the OS the implant is running on

  • Let’s issue a command to an implant:

gcat 3

Here we are telling 90b2cd83-cb36-52de-84ee-99db6ff41a11 to execute ipconfig /all, the script then outputs the jobid that we can use to retrieve the output of that command

  • Lets get the results!

gcat 4

  • That’s the gist of it! But you can do much more as you can see from the usage of the script! 😉

 

 

download now

You May Also Like

XSStrike – Advanced XSS Detection and Exploitation Suite

haxf4rall2017 Comments Off on XSStrike – Advanced XSS Detection and Exploitation Suite

FakeNet – Windows Network Simulation Tool for Malware Analysis

haxf4rall2017 Comments Off on FakeNet – Windows Network Simulation Tool for Malware Analysis

fireELF – Fileless Linux Malware Framework

haxf4rall2017 Comments Off on fireELF – Fileless Linux Malware Framework
%d bloggers like this: