{"id":13825940,"url":"https://github.com/deepzec/grok-backdoor","last_synced_at":"2025-04-03T03:09:27.898Z","repository":{"id":216003477,"uuid":"131137176","full_name":"deepzec/Grok-backdoor","owner":"deepzec","description":"Simple python backdoor with Ngrok tunnel support","archived":false,"fork":false,"pushed_at":"2023-12-09T00:40:32.000Z","size":120,"stargazers_count":203,"open_issues_count":2,"forks_count":53,"subscribers_count":10,"default_branch":"master","last_synced_at":"2025-03-20T07:59:32.574Z","etag":null,"topics":["backdoor","ngrok"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/deepzec.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null}},"created_at":"2018-04-26T10:07:34.000Z","updated_at":"2025-02-21T05:02:21.000Z","dependencies_parsed_at":null,"dependency_job_id":"e48b632f-5afb-43f6-a62a-1a0442a12d71","html_url":"https://github.com/deepzec/Grok-backdoor","commit_stats":null,"previous_names":["deepzec/grok-backdoor"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/deepzec%2FGrok-backdoor","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/deepzec%2FGrok-backdoor/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/deepzec%2FGrok-backdoor/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/deepzec%2FGrok-backdoor/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/deepzec","download_url":"https://codeload.github.com/
deepzec/Grok-backdoor/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":246927835,"owners_count":20856198,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["backdoor","ngrok"],"created_at":"2024-08-04T09:01:29.586Z","updated_at":"2025-04-03T03:09:27.880Z","avatar_url":"https://github.com/deepzec.png","language":"Python","funding_links":[],"categories":["\u003ca id=\"01e6651181d405ecdcd92a452989e7e0\"\u003e\u003c/a\u003eTools"],"sub_categories":["\u003ca id=\"9d6789f22a280f5bb6491d1353b02384\"\u003e\u003c/a\u003eTunneling\u0026\u0026Traversal"],"readme":"# Grok-backdoor\n\nGrok-backdoor is a simple Python-based backdoor that uses an Ngrok tunnel for the C\u0026C communication. Ngrok-backdoor can generate Windows, Linux and Mac binaries using Pyinstaller.\n\n## How it works:\n\nNgrok exposes local servers behind NATs and firewalls to the public internet over a secure tunnel.\n\n![alt text](https://github.com/deepzec/Grok-backdoor/blob/master/screenshots/ngrok.jpg \"Create backdoor binary\")\n\n\nNgrok establishes a tunnel between the malware's local listener port and the ngrok server's public IP over a unique port number. An attacker can connect to the Ngrok public IP and unique port to interact with the internal malware listener. \n\n\n\n\n## Disclaimer: \n\nAll the code provided on this repository is for educational/research purposes only. Any actions and/or activities related to the material contained within this repository is solely your responsibility. 
The misuse of the code in this repository can result in criminal charges brought against the persons in question. Author will not be held responsible in the event any criminal charges be brought against any individuals misusing the code in this repository to break the law. \n\t\n\t\n## Dependencies:\nPython 2.7\n\nPyinstaller 3.21\n\npython-pip 9.0.1 \n\n\n## Installation :\npip install -r requirements.txt\n\n\n### Usage: \n\nYou need a ngrok.com account to use this backdoor; you can provide the Ngrok authcode while configuring grok-backdoor. You will be able to see a new TCP tunnel created in the Ngrok status panel after the grok-backdoor server executes on the victim machine.\n\nCreate backdoor binary by running : \n\npython grok-backdoor.py\n\n#### Linux: \n\n![alt text](https://github.com/deepzec/Grok-backdoor/blob/master/screenshots/Create-backdoor-linux.PNG \"Create backdoor binary\")\n\n#### Windows : \n\n![alt text](https://github.com/deepzec/Grok-backdoor/blob/master/screenshots/Create-backdoor-windows1.PNG \"Create backdoor binary\")\n\nYou can find the output binary in grok-backdoor/dist/ directory:\n\n![alt text](https://github.com/deepzec/Grok-backdoor/blob/master/screenshots/output-linux.PNG \"Output\")\n\n\nRun the grok-backdoor output binary on the victim machine and log in to the Ngrok.com control panel to see the tunnel URL:\n\n![alt text](https://github.com/deepzec/Grok-backdoor/blob/master/screenshots/ngrok.PNG \"Ngrok Tunnel\")\n\n\nTelnet to tunnel URL to get the Bind shell: Enjoy shell :)\n\n![alt text](https://github.com/deepzec/Grok-backdoor/blob/master/screenshots/telnet.PNG \"Shell\")\n\n\n### How to embed ngrok binary with the backdoor?\n\nChoose No when grok-backdoor asks \"Do you want to download Ngrok binary during execution?\". 
If you choose 'N' it will bind ngrok with the output backdoor binary\n\n### Proxy Blocking ngrok download attempt while backdoor execution?\n\nChoose bind ngrok binary with malware option to bypass proxy blocking.\n\n\n### Features:\n* Multi platform support(windows,linux,Mac) - No cross compiling at the moment, you need to run this code in respective platforms to generate executables for different platforms.\n* Authenticated bind shell\n* Random output binary\n* Ngrok tunnel support to bypass firewall/proxy restrictions.\n\nReport bugs to twitter.com/deepzec \u0026 Pull requests are always welcome :)\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdeepzec%2Fgrok-backdoor","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdeepzec%2Fgrok-backdoor","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdeepzec%2Fgrok-backdoor/lists"}