Welcome to The Forum

Register now to gain access to all of our features. Once registered and logged in, you will be able to create topics, post replies to

existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile

and so much more. This message will be removed once you have signed in.

Active Hackers

The best community of active hackers. This community has been working in hacking for more than 10 years.

Hacker Forum

Hacker from all countries join this community to share their knowledge and their hacking tools

 

    Hacking Tools

    You can find thousands of tools shared by hackers. RAT's, Bot's, Crypters FUD, Stealers, Binders, Ransomware,, Mallware, Virus, Cracked Accounts, Configs, Guides, Videos and many other things.

      PRIV8

      Become a Priv8 user and access all parts of the forum without restrictions and without limit of download. It only costs 100 dollars, and it will last you for a lifetime.

      Read Rules

      In this community we follow and respect rules, and they are the same for everyone, regardless of the user's rank. Read the rules well not to be prohibited.

      Sign in to follow this  
      0x1

      DBC2

      1 post in this topic

      Hidden Content

        Give reaction to this post to see the hidden content.

      DBC2 (DropboxC2) is a modular post-exploitation tool, composed of an agent running on the victim's machine, a controler, running on any machine, powershell modules, and Dropbox servers as a means of communication.

      This project was initially inspired by the fantastic Empire framework, but also as an objective to learn Python.

      Hidden Content

        Give reaction to this post to see the hidden content.

      Spoiler

      Hidden Content

        Give reaction to this post to see the hidden content.

      Features

      •     Various stager (Powershell one liner, batch file, MS-Office macro, javascript, DotNetToJScript, msbuild file, SCT file, ducky, more to come...)
      •     Single CLI commands (one at a time, no environment persistency)
      •     Pseudo-interactive shell (environment persistency) - based on an idea from 0xDEADBEEF00 [at] gmail.com
      •     Send file to the agent
      •     Retrieve file from the agent
      •     Launch processes on the agent
      •     Keylogger
      •     Clipboard logger (clipboard recording/spying)
      •     Screenshot capture
      •     Run and interact with PowerShell modules (Endless capabilities: PowerSploit, Inveigh, Nishang, Empire modules, Powercat, etc.)
      •     Send key strokes to any process
      •     Set persistency through scheduled task and single instance through Mutex
      •     Can run within (w|c)script.exe thanks to the DotNetToJScript stager (javascript2)
      •     Can be injected into any process thanks to the nativeWrapper and its corresponding position independant shellcode !

       

      Dependencies & requirements:

      DBC2 requires a Dropbox application ("App folder" only is sufficient) to be created within your Dropbox account and an access token generated for this application, in order to be able to perform API calls. Look at the intoduction video on how to do this if you're unsure.

      Spoiler

      Hidden Content

        Give reaction to this post to see the hidden content.

      On the controller side, DBC2 requires:

          Python 2.7 (not tested with Python 3)
          The following libraries, that can be installed using pip install -r requirements.txt:
              requests>=2.11
              tabulate
              pyscrypt
              pycrypto

      DBC2 controller has been successfully tested and used on Linux Kali and Mac OSX.

      On the agent side, DBC2 requires:

      •     .Net framework >= 4.5 (tested sucessfully on Windows 7 and Windows 10)

       

      Security Aspects:

      DBC2 controller asks for a master password when it starts. This password is then derived into a 128 bits master key by the use of the PBKDF function from the pyscrypt library. The master key is then base64 encoded and can (optionnally) be saved in the config file.

      DBC2 performs end-to-end encryption of data using the master key with AES-128/CBC mode. Data exchanged between the agent and the controller flows through the Dropbox servers so while the transfer itself is encrypted, thanks to HTTPS, data has to be end-to-end encrypted to protect the data while at rest on the Dropbox servers.

      DBC2 also performs obfuscation of the stages and the modules by the use of XOR encryption, which is dumb encryption but is enough to simply obfuscate some well known and publically available piece of codes. The key used to perform XOR encryption is a SHA256 hash of the master key.

      More info & Downlad :

      Hidden Content

        Give reaction to this post to see the hidden content.

      • Like 2

      Share this post


      Link to post
      Share on other sites

      Create an account or sign in to comment

      You need to be a member in order to leave a comment

      Create an account

      Sign up for a new account in our community. It's easy!

      Register a new account

      Sign in

      Already have an account? Sign in here.

      Sign In Now
      Sign in to follow this