GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → thatcherclough → Betterbackdoor

thatcherclough / Betterbackdoor

Licence: mit
A backdoor with a multitude of features.

Programming Languages

java
68154 projects - #9 most used programming language
shell
77523 projects

Labels

pentestingsocketcybersecuritybackdoorreverse-shell

Projects that are alternatives of or similar to Betterbackdoor

Thoron
Thoron Framework is a Linux post-exploitation framework that exploits Linux TCP vulnerability to provide a shell-like connection. Thoron Framework has the ability to create simple payloads to provide Linux TCP attack.
Stars: ✭ 87 (-55.38%)
Mutual labels:  pentesting, backdoor, reverse-shell
YAPS
Yet Another PHP Shell - The most complete PHP reverse shell
Stars: ✭ 35 (-82.05%)
Mutual labels:  backdoor, reverse-shell, pentesting
Evilosx
An evil RAT (Remote Administration Tool) for macOS / OS X.
Stars: ✭ 1,826 (+836.41%)
Mutual labels:  pentesting, backdoor, reverse-shell
Pupy
Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) remote administration and post-exploitation tool mainly written in python
Stars: ✭ 6,737 (+3354.87%)
Mutual labels:  pentesting, backdoor, reverse-shell
Rspet
RSPET (Reverse Shell and Post Exploitation Tool) is a Python based reverse shell equipped with functionalities that assist in a post exploitation scenario.
Stars: ✭ 251 (+28.72%)
Mutual labels:  pentesting, backdoor, reverse-shell
Hack Tools
The all-in-one Red Team extension for Web Pentester 🛠
Stars: ✭ 2,750 (+1310.26%)
Mutual labels:  pentesting, cybersecurity, reverse-shell
Reverse Shell
Reverse Shell as a Service
Stars: ✭ 1,281 (+556.92%)
Mutual labels:  pentesting, reverse-shell
Karkinos
Penetration Testing and Hacking CTF's Swiss Army Knife with: Reverse Shell Handling - Encoding/Decoding - Encryption/Decryption - Cracking Hashes / Hashing
Stars: ✭ 115 (-41.03%)
Mutual labels:  pentesting, reverse-shell
Ratel
RAT-el is an open source penetration test tool that allows you to take control of a windows machine. It works on the client-server model, the server sends commands and the client executes the commands and sends the result back to the server. The client is completely undetectable by anti-virus software.
Stars: ✭ 121 (-37.95%)
Mutual labels:  pentesting, cybersecurity
Networm
Python network worm that spreads on the local network and gives the attacker control of these machines.
Stars: ✭ 135 (-30.77%)
Mutual labels:  pentesting, backdoor
Prismatica
Responsive Command and Control System
Stars: ✭ 81 (-58.46%)
Mutual labels:  pentesting, cybersecurity
Apache Http Server Module Backdoor
👺 A Backdoor For Apache HTTP Server Written in C
Stars: ✭ 127 (-34.87%)
Mutual labels:  cybersecurity, backdoor
Pyiris Backdoor
PyIris-backdoor is a modular, stealthy and flexible remote-access-toolkit written completely in python used to command and control other systems. It is now in the beta stage, possibly perpetually. There are bugs still present in the framework, feel free to contribute or help me out with this project its still under active development >_>
Stars: ✭ 145 (-25.64%)
Mutual labels:  cybersecurity, backdoor
Androrat
A Simple android remote administration tool using sockets. It uses java on the client side and python on the server side
Stars: ✭ 187 (-4.1%)
Mutual labels:  backdoor, reverse-shell
Defaultcreds Cheat Sheet
One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
Stars: ✭ 1,949 (+899.49%)
Mutual labels:  pentesting, cybersecurity
Thecollective
The Collective. A repo for a collection of red-team projects found mostly on Github.
Stars: ✭ 85 (-56.41%)
Mutual labels:  pentesting, cybersecurity
Docker Security Images
🔐 Docker Container for Penetration Testing & Security
Stars: ✭ 172 (-11.79%)
Mutual labels:  pentesting, cybersecurity
Reverse Shell Manager
🔨 A multiple reverse shell session/client manager via terminal
Stars: ✭ 171 (-12.31%)
Mutual labels:  socket, reverse-shell
Hrshell
HRShell is an HTTPS/HTTP reverse shell built with flask. It is an advanced C2 server with many features & capabilities.
Stars: ✭ 193 (-1.03%)
Mutual labels:  pentesting, reverse-shell
Fwdsh3ll
Forward shell generation framework
Stars: ✭ 62 (-68.21%)
Mutual labels:  cybersecurity, reverse-shell
View All Similar Projects ➔

BetterBackdoor

A backdoor is a tool used to gain remote access to a machine.

Typically, backdoor utilities such as NetCat have two main functions: to pipe remote input into cmd or bash and output the response. This is useful, but it is also limited. BetterBackdoor overcomes these limitations by including the ability to inject keystrokes, get screenshots, transfer files, and many other tasks.

Features

BetterBackdoor can create and control a backdoor.

This created backdoor can:

  • Open a command prompt shell
  • Run PowerShell scripts
  • Run DuckyScripts to inject keystrokes
  • Exfiltrate files based on extension
  • Exfiltrate Microsoft Edge and WiFi passwords
  • Send and receive files to and from victim's computer
  • Start a KeyLogger
  • Get a screenshot of victim's computer
  • Get text copied to victim's clipboard
  • Get contents from a victim's file (cat)
  • Compress a directory to a ZIP file
  • Decompress a ZIP file

This backdoor uses a client and server socket connection to communicate. The attacker starts a server, and the victim connects to this server as a client. (Note: if multiple clients attempt to connect, the user is prompted to select which client to connect to) Once a connection is established, commands can be sent to the client in order to control the backdoor.

To create the backdoor, BetterBackdoor:

  • Creates 'run.jar', the backdoor jar file, and copies it to directory 'backdoor'.
  • Appends a text file containing the attacker's IP address and an encryption key (if the attacker selected to encrypt the data sent to and from the backdoor) to 'run.jar'.
    • Note: this data is written in plain text.
  • If desired, copies a Java Runtime Environment to 'backdoor' and creates batch file 'run.bat' for running the backdoor in the packaged Java Runtime Environment.

The backdoor can operate within a single network, LAN, and over the internet, WAN. However, in order to use the backdoor over WAN, port forwarding must be done.

For WAN use, ports 1025 and 1026 must be forwarded from the attackers computer with TCP selected. Once this is done, the backdoor can be controlled by the attacker even when the victim and attacker are on different networks.

To start the backdoor on a victim PC, transfer all files from the directory 'backdoor' onto a victim PC.

If a JRE is packaged with the backdoor, execute run.bat, otherwise execute run.jar.

This will start the backdoor on the victim's PC.

Once running, to control the backdoor you must return to BetterBackdoor and run option 1 at start.

Demo

Requirements

  • A Java JDK distribution >=8 must be installed and added to PATH.
  • You must use the same computer to create and control the backdoor.
    • The IP address of this computer must remain static in the time between creating the backdoor and controlling it.
  • The computer used to control the backdoor must have their firewall deactivated, and if the computer has a Unix OS, must run BetterBackdoor as 'sudo'.

Compatibility

BetterBackdoor is compatible with Windows, Mac, and Linux, while the backdoor is only compatible with Windows.

Installation

# clone BetterBackdoor
git clone https://github.com/thatcherclough/BetterBackdoor.git

# change the working directory to BetterBackdoor
cd BetterBackdoor

# build BetterBackdoor with Maven
# for Windows run
mvnw.cmd clean package

# for Linux and Mac run
sh mvnw clean package

Usage

java -jar betterbackdoor.jar

License

  • MIT
  • Copyright 2020 © Thatcher Clough.
Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].