https://github.com/safebreach-labs/pacdoor

Proof-of-concept JavaScript malware implemented as a Proxy Auto-Configuration (PAC) File
https://github.com/safebreach-labs/pacdoor

Last synced: about 16 hours ago
JSON representation

Proof-of-concept JavaScript malware implemented as a Proxy Auto-Configuration (PAC) File

• Host: GitHub
• URL: https://github.com/safebreach-labs/pacdoor
• Owner: SafeBreach-Labs
• License: bsd-3-clause
• Created: 2016-07-22T21:53:58.000Z (over 8 years ago)
• Default Branch: master
• Last Pushed: 2016-08-05T01:13:59.000Z (over 8 years ago)
• Last Synced: 2024-08-03T17:12:14.150Z (3 months ago)
• Language: Python
• Homepage: http://www.safebreach.com
• Size: 11.7 KB
• Stars: 158
• Watchers: 12
• Forks: 46
• Open Issues: 1
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

• awesome-network-stuff - **143**星 - of-concept JavaScript malware implemented as a Proxy Auto-Configuration (PAC) File (<a id="d03d494700077f6a65092985c06bf8e8"></a>工具 / <a id="0ff94312f3ab4898f5996725133ea9d1"></a>未分类)

README

        
# Pacdoor

Pacdoor is a proof-of-concept JavaScript malware implemented as a Proxy Auto-Configuration (PAC) File. Pacdoor includes a 2-way communication channel, ability to exfiltrate HTTPS URLs, disable access to cherry-picked URLs etc.

It was released as part of the [Crippling HTTPS with Unholy PAC](https://www.blackhat.com/us-16/briefings.html#crippling-https-with-unholy-pac) talk given at BlackHat USA 2016 conference by Itzik Kotler and Amit Klein from [SafeBreach Labs](http://www.safebreach.com).

Slides are availble [here](https://www.blackhat.com/docs/us-16/materials/us-16-Kotler-Crippling-HTTPS-With-Unholy-PAC.pdf)

### Version

0.1.0

### Installation

Pacdoor requires [Python](https://python.org/) 2.7.x to run.

```sh

$ git clone https://github.com/SafeBreach-Labs/pacdoor.git

$ cd pacdoor

$ cd server

$ pip install -r requirements.txt

```

License

----

BSD 3-Clause