Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/jafarlihi/serpentine

C++/Win32/Boost Windows RAT (Remote Administration Tool) with a multiplatform Java/Spring RESTful C2 server and Go, C++/Qt5 frontends
https://github.com/jafarlihi/serpentine

keylogger penetration-testing rat redteam remote-admin-tool remote-administration remote-administration-tool remote-administrator-tool windows-rat

Last synced: about 1 month ago
JSON representation

C++/Win32/Boost Windows RAT (Remote Administration Tool) with a multiplatform Java/Spring RESTful C2 server and Go, C++/Qt5 frontends

Host: GitHub
URL: https://github.com/jafarlihi/serpentine
Owner: jafarlihi
License: mit
Created: 2020-06-10T11:30:34.000Z (over 4 years ago)
Default Branch: master
Last Pushed: 2023-04-14T18:03:24.000Z (over 1 year ago)
Last Synced: 2024-08-05T17:24:43.646Z (4 months ago)
Topics: keylogger, penetration-testing, rat, redteam, remote-admin-tool, remote-administration, remote-administration-tool, remote-administrator-tool, windows-rat
Language: C++
Homepage:
Size: 210 KB
Stars: 449
Watchers: 25
Forks: 94
Open Issues: 3
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

awesome-hacking-lists - jafarlihi/serpentine - C++/Win32/Boost Windows RAT (Remote Administration Tool) with a multiplatform Java/Spring RESTful C2 server and Go, C++/Qt5 frontends (C++)

README

# serpentine

serpentine is a Windows RAT (Remote Administration Tool) that lets you interact with the clients using a multiplatform RESTful C2 server.

Functionalities:

- Startup

- Get files

- Put files

- Keylogger (Just get `%APPDATA%/svchost/log` file)

- Reverse shell (Using `netcat` as a client, listen on a port `nc -l -p 5555` and request a reverse shell connection to that port)

- Reverse proxy (Using [`revp`](https://github.com/jafarlihi/revp), upload `revp` to the client and execute it with a reverse shell)

- Take screenshots

- Remote desktop (Using `qtserpentine` frontend) [Work in progress, sending input is still in development]

### Dissection
`client` directory holds the Windows portion of the RAT made with C++ and Boost.

`server` holds the RESTful server portion made with Java and Spring.

`frontend` can hold any number of frontends that consume the RESTful API, currently holds `goserpentine` terminal client and `qtserpentine` GUI client.

#### Building & running
Build `server` with `mvn package` and then run the JAR with 2 arguments, first being the client-listening port and second the port RESTful API will be served at. Example: `java -jar target/serpentine-0.1.0.jar 2222 8080`

Build `client` with Visual Studio and also include Boost libraries: https://www.boost.org/doc/libs/1_73_0/more/getting_started/windows.html
Change `client` settings in `config.h`.

Build `goserpentine` `frontend` with `go build` and run the resulting executable to see the list of options.

Build `qtserpentine` by installing Qt Creator and building through that. Provide `QTSERPENTINE_API_ADDRESS` environment variable that points to the API server.

#### API
(To learn more about the endpoints and input parameters check the controllers in server code)

`/client` GET --> Returns list of currently connected clients (clients that pinged in the last 10 seconds)

`/client` POST --> Changes name associated with a client

`/file/{client}` POST --> Fetches a file from a client

`/file/{client}` PUT --> Uploads a file to a client

`/shell/{client}` POST --> Makes a client initiate a reverse shell connection

`/desktop/{client}` GET --> Takes and fetches a screenshot