0x1 Posted January 15, 2019 Share Posted January 15, 2019 This is the hidden content, please Sign In or Sign Up DBC2 (DropboxC2) is a modular post-exploitation tool, composed of an agent running on the victim's machine, a controler, running on any machine, powershell modules, and Dropbox servers as a means of communication. This project was initially inspired by the fantastic Empire framework, but also as an objective to learn Python. This is the hidden content, please Sign In or Sign Up Spoiler This is the hidden content, please Sign In or Sign Up Features Various stager (Powershell one liner, batch file, MS-Office macro, javascript, DotNetToJScript, msbuild file, SCT file, ducky, more to come...) Single CLI commands (one at a time, no environment persistency) Pseudo-interactive shell (environment persistency) - based on an idea from 0xDEADBEEF00 [at] gmail.com Send file to the agent Retrieve file from the agent Launch processes on the agent Keylogger Clipboard logger (clipboard recording/spying) Screenshot capture Run and interact with PowerShell modules (Endless capabilities: PowerSploit, Inveigh, Nishang, Empire modules, Powercat, etc.) Send key strokes to any process Set persistency through scheduled task and single instance through Mutex Can run within (w|c)script.exe thanks to the DotNetToJScript stager (javascript2) Can be injected into any process thanks to the nativeWrapper and its corresponding position independant shellcode ! Dependencies & requirements: DBC2 requires a Dropbox application ("App folder" only is sufficient) to be created within your Dropbox account and an access token generated for this application, in order to be able to perform API calls. Look at the intoduction video on how to do this if you're unsure. Spoiler This is the hidden content, please Sign In or Sign Up On the controller side, DBC2 requires: Python 2.7 (not tested with Python 3) The following libraries, that can be installed using pip install -r requirements.txt: requests>=2.11 tabulate pyscrypt pycrypto DBC2 controller has been successfully tested and used on Linux Kali and Mac OSX. On the agent side, DBC2 requires: .Net framework >= 4.5 (tested sucessfully on Windows 7 and Windows 10) Security Aspects: DBC2 controller asks for a master password when it starts. This password is then derived into a 128 bits master key by the use of the PBKDF function from the pyscrypt library. The master key is then base64 encoded and can (optionnally) be saved in the config file. DBC2 performs end-to-end encryption of data using the master key with AES-128/CBC mode. Data exchanged between the agent and the controller flows through the Dropbox servers so while the transfer itself is encrypted, thanks to HTTPS, data has to be end-to-end encrypted to protect the data while at rest on the Dropbox servers. DBC2 also performs obfuscation of the stages and the modules by the use of XOR encryption, which is dumb encryption but is enough to simply obfuscate some well known and publically available piece of codes. The key used to perform XOR encryption is a SHA256 hash of the master key. More info & Downlad : This is the hidden content, please Sign In or Sign Up Link to comment Share on other sites More sharing options...
.webp.8407a83ac96563f75e1c428a1f0d4c3e.webp)
.webp.9a04cec050a656fab081ac190f971c3f.webp)
Hack Tools Resurrection
Recommended Posts