Jump to content
YOUR-AD-HERE
HOSTING
TOOLS
992Proxy

Locked RedditC2: Abusing Reddit API to host the C2 traffic

itsMe

By MASTERitsMe
in Pentesting

 Share

Recommended Posts

itsMe Master Hacker

MASTERitsMe

Posted
Posted

This is the hidden content, please

Abusing Reddit API to host the C2 traffic, since most of the blue-team members use Reddit, might be a great way to make the traffic look legit.

Workflow

Teamserver

    Go to the specific Reddit Post & post a new comment with the command ("in: ")
    Read for new comment which includes the word "out:"
    If no such comment is found, go back to step 2
    Parse the comment, decrypt it and read it's output
    Edit the existing comment to "executed", to avoid reexecuting it

Client

    Go to the specific Reddit Post & read the latest comment which includes "in:"
    If no new comment is detected, go back to step 1
    Parse the command out of the comment, decrypt it and execute it locally
    Encrypt the command's output and reply it to the respective comment ("out:" )

[Disclaimer]: Use of this project is for Educational/ Testing purposes only. Using it on unauthorised machines is strictly forbidden. If somebody is found to use it for illegal/ malicious intent, author of the repo will not be held responsible.

This is the hidden content, please

Link to comment
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.