Search the Community
Showing results for tags 'screenshot'.
-
ScreenshotBOF An alternative screenshot capability for Cobalt Strike that uses WinAPI and does not perform a fork & run. The screenshot was downloaded in memory. Why did I make this? Cobalt Strike uses a technique known as fork & run for many of its post-ex capabilities, including the screenshot command. While this behavior provides stability, it is now well-known and heavily monitored. This BOF is meant to provide a more OPSEC-safe version of the screenshot capability. Self Compilation git clone the repo: git clone open the solution in Visual Studio Build project BOF Save methods: drop file to disk download file over beacon (Cobalt Strike only) [hide][Hidden Content]]
-
Email/User: Email Proxies: Yes Capture: Image Count, if anyone is willing to give me a premium account ill add premium capture [HIDE][Hidden Content]]
-
- 1
-
- [openbullet]
- gyazo.com
-
(and 3 more)
Tagged with:
-
A simple html program to take screenshots of websites or use it as a screenshot proxy for malicious URLs. Download: (Updated 03/03/2019) [Hidden Content] Virus Scan: [hide][Hidden Content]] Source code: <html> <title>Simple URL Image Proxy</title> <body bgcolor="black"> <center> <br> <h1><font color="white">Simple URL Image Proxy</font></h1> <br> <form action="[Hidden Content]?" target="frame"> <input type="hidden" name="key" value="4ba62b"> <input type="hidden" name="dimension" value="640x480"> <input type="hidden" name="device" value="desktop"> <input type="hidden" name="format" value="jpg"> <input type="hidden" name="cacheLimit" value="1"> <input type="hidden" name="delay" value="0"> <input type="text" name="url" value="" placeholder="ex: [Hidden Content]; <input type="submit" name="submit" value="Visit!"> </form> <iframe name="frame" frameborder="0" height="480" width="640"></iframe> </center> </body> </html>
-
Stealth Screenshot Saver + Uploader is a combination of windows utilities to create a malicious program without requiring any heavy coding. The executable file contain: file.bat - Batch file contains the screenshot batch line + ftp credentials main.exe - Execute the hidden file.bat README.txt - dummy file with credits svchost.exe - Command line utility to take screenshots How to use? Open file.bat with notepad and change line 2, 4, 5, 6. In line 2, change between loop and savescreenshot. The first value is by default 60 (60 screenshots before upload) Also in the same line by default is 10000 (Wait 10 seconds between screenshots) In line 4 is the ftp server (Default is ftp.uploaded.net) In line 5 is the ftp username In line 6 is the ftp password Why Uploaded.net Uploaded.net is a public free file hosting service with ftp enabled by default. The advantage of Uploaded.net is that you can share the username and password in plain text and if anyone grab it and try to access the files it won't be possible to modify or delete without confirming by email. Developed using the following Technologies WinRAR, Q Compiler, UPX, Simple Batch Example Download: [Hidden Content] Virustotal: [Hidden Content]
-
- 11
-
- stealth
- screenshot
-
(and 7 more)
Tagged with:
-
This archive is the research for a trojan that takes screenshots from the system and upload to server. All hidden/stealth from the user. Features: 1) Custom server login (IP/Domain, Username, Password) 2) Custom number of screenshots to take 3) Upload to the server by FTP Download: [Hidden Content].rar Virustotal: [Hidden Content]
-
- 4
-
- stealth
- screenshot
-
(and 3 more)
Tagged with: