deepzec / Grok Backdoor

Licence: gpl-3.0
Simple python backdoor with Ngrok tunnel support

Programming Languages

python

Projects that are alternatives of or similar to Grok Backdoor

Kithack
Hacking tools pack & backdoors generator.
Stars: ✭ 377 (+149.67%)
Mutual labels:  ngrok, backdoor
Evilosx
An evil RAT (Remote Administration Tool) for macOS / OS X.
Stars: ✭ 1,826 (+1109.27%)
Mutual labels:  backdoor
Imgbackdoor
Hide your payload into .jpg file
Stars: ✭ 87 (-42.38%)
Mutual labels:  backdoor
Sish
HTTP(S)/WS(S)/TCP Tunnels to localhost using only SSH.
Stars: ✭ 2,087 (+1282.12%)
Mutual labels:  ngrok
Sidedoor
SSH connection daemon for Debian/Raspbian/Ubuntu/etc
Stars: ✭ 97 (-35.76%)
Mutual labels:  backdoor
Apache Http Server Module Backdoor
👺 A Backdoor For Apache HTTP Server Written in C
Stars: ✭ 127 (-15.89%)
Mutual labels:  backdoor
Ngrok For Vscode
A VSCode extension to control ngrok
Stars: ✭ 75 (-50.33%)
Mutual labels:  ngrok
Proton
Proton Framework is a Windows post-exploitation framework similar to other Windows post-exploitation frameworks. The major difference is that the Proton Framework does most of its operations using Windows Script Host, with compatibility in the core to support a default installation of Windows 2000 with no service packs all the way through Windows 10.
Stars: ✭ 142 (-5.96%)
Mutual labels:  backdoor
Tunnel
Use Ngrok In Termux With Advanced Options
Stars: ✭ 133 (-11.92%)
Mutual labels:  ngrok
Docker Ngrok
Deploy ngrok server and build client use docker
Stars: ✭ 111 (-26.49%)
Mutual labels:  ngrok
Django Shop Tutorial
Use Django To Create A Simple Shopping Site Tutorial
Stars: ✭ 109 (-27.81%)
Mutual labels:  ngrok
Docker Ngrok Server
Docker image for an ngrok server, for NAT traversal into internal networks. You can also download the ngrok client from the attachments and use it.
Stars: ✭ 98 (-35.1%)
Mutual labels:  ngrok
Hypertunnel
✨ Expose any local TCP/IP service on the internet.
Stars: ✭ 129 (-14.57%)
Mutual labels:  ngrok
Thoron
Thoron Framework is a Linux post-exploitation framework that exploits Linux TCP vulnerability to provide a shell-like connection. Thoron Framework has the ability to create simple payloads to provide Linux TCP attack.
Stars: ✭ 87 (-42.38%)
Mutual labels:  backdoor
Ngrok
Expose your localhost to the web. Node wrapper for ngrok.
Stars: ✭ 1,897 (+1156.29%)
Mutual labels:  ngrok
Phpsploit
Full-featured C2 framework which silently persists on webserver with a single-line PHP backdoor
Stars: ✭ 1,188 (+686.75%)
Mutual labels:  backdoor
Hg8045q
Pwning the Nuro issued Huawei HG8045Q
Stars: ✭ 107 (-29.14%)
Mutual labels:  backdoor
Mass Rat
Basic Multiplatform Remote Administration Tool - Xamarin
Stars: ✭ 127 (-15.89%)
Mutual labels:  backdoor
Pyiris Backdoor
PyIris-backdoor is a modular, stealthy and flexible remote-access-toolkit written completely in python used to command and control other systems. It is now in the beta stage, possibly perpetually. There are bugs still present in the framework, feel free to contribute or help me out with this project its still under active development >_>
Stars: ✭ 145 (-3.97%)
Mutual labels:  backdoor
Networm
Python network worm that spreads on the local network and gives the attacker control of these machines.
Stars: ✭ 135 (-10.6%)
Mutual labels:  backdoor

Grok-backdoor

Grok-backdoor is a simple Python-based backdoor that uses an Ngrok tunnel for the C&C communication. It can generate Windows, Linux and Mac binaries using Pyinstaller.

How it works:

Ngrok exposes local servers behind NATs and firewalls to the public internet over a secure tunnel.

Ngrok establishes a tunnel between the malware's local listener port and the ngrok server's public IP over a unique port number. The attacker can connect to the Ngrok public IP and unique port to interact with the internal malware listener.

Disclaimer:

All the code provided on this repository is for educational/research purposes only. Any actions and/or activities related to the material contained within this repository is solely your responsibility. The misuse of the code in this repository can result in criminal charges brought against the persons in question. Author will not be held responsible in the event any criminal charges be brought against any individuals misusing the code in this repository to break the law.

Dependencies:

Python 2.7

Pyinstaller 3.21

python-pip 9.0.1

Installation :

pip install -r requirements.txt

Usage:

You need an ngrok.com account to use this backdoor; you can provide the Ngrok authcode while configuring grok-backdoor. After the grok-backdoor server is executed on the victim machine, a new TCP tunnel appears in the Ngrok status panel.

Create backdoor binary by running :

python grok-backdoor.py

[Screenshots: generator run on Linux and on Windows]

You can find the output binary in the grok-backdoor/dist/ directory.

Run the grok-backdoor output binary on the victim machine and log in to the Ngrok.com control panel to see the tunnel URL.

Telnet to tunnel URL to get the Bind shell: Enjoy shell :)

How to embed ngrok binary with the backdoor?

Choose No when grok-backdoor asks "Do you want to download Ngrok binary during execution?". If you choose 'N', it will bind ngrok with the output backdoor binary.

Proxy blocking the ngrok download attempt during backdoor execution?

Choose the option to bind the ngrok binary with the malware to bypass proxy blocking.
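Because the ngrok binary can be bundled, blocking its download at the proxy does not stop the tunnel described under "How it works"; the tunnel itself still has to reach ngrok's servers. The following is an added detection example, not code from the Grok-backdoor repository: it scans resolver logs for hosts that look up ngrok-operated names. The log format, the suffix list and all sample lines are assumptions constructed for illustration.

```python
from collections import defaultdict

# Assumption: parent domains operated by ngrok; extend for your environment.
NGROK_SUFFIXES = ("ngrok.io", "ngrok.com")

# Constructed sample resolver log: "<timestamp> <client_ip> <qname> <qtype>"
SAMPLE_LOG = """\
2024-05-01T10:00:01Z 10.0.0.15 www.example.org. A
2024-05-01T10:00:07Z 10.0.0.23 0.TCP.ngrok.io. A
2024-05-01T10:00:09Z 10.0.0.15 notngrok.io. A
2024-05-01T10:02:41Z 10.0.0.23 tunnel.ngrok.com A
2024-05-01T10:03:00Z 10.0.0.42 ngrok.io.lookalike.example. A
malformed line
"""

def is_ngrok_name(qname, suffixes=NGROK_SUFFIXES):
    """Match on DNS label boundaries, ignoring case and a trailing root dot."""
    name = qname.rstrip(".").lower()
    return any(name == s or name.endswith("." + s) for s in suffixes)

def parse_line(line):
    """Return (timestamp, client, qname), or None for lines that do not parse."""
    parts = line.split()
    if len(parts) != 4:
        return None
    ts, client, qname, _qtype = parts
    return ts, client, qname

def find_tunnel_hosts(log_text):
    """Group ngrok lookups by querying host: first seen, count, distinct names."""
    hits = defaultdict(lambda: {"first_seen": None, "count": 0, "names": set()})
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None or not is_ngrok_name(rec[2]):
            continue
        ts, client, qname = rec
        entry = hits[client]
        # ISO-8601 UTC timestamps in one format compare correctly as strings.
        if entry["first_seen"] is None or ts < entry["first_seen"]:
            entry["first_seen"] = ts
        entry["count"] += 1
        entry["names"].add(qname.rstrip(".").lower())
    return dict(hits)

if __name__ == "__main__":
    for host, info in sorted(find_tunnel_hosts(SAMPLE_LOG).items()):
        print(host, info["first_seen"], info["count"], sorted(info["names"]))
```

Hosts with a legitimate need for ngrok (developer workstations, for example) should be allow-listed explicitly, so that a hit from a server or end-user machine stands out.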

Features:

  • Multi platform support(windows,linux,Mac) - No cross compiling at the moment, you need to run this code in respective platforms to generate executables for different platforms.
  • Authenticated bind shell
  • Random output binary
  • Ngrok tunnel support to bypass firewall/proxy restrictions.

Report bugs to twitter.com/deepzec & pull requests are always welcome :)