GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → not-sekiun → PyIris

not-sekiun / PyIris

Licence: MPL-2.0 license
PyIris is a modular remote access trojan toolkit written in python targeting Windows and Linux systems.

Programming Languages

python
139335 projects - #7 most used programming language

Labels

backdoorhackingtrojancybersecurityratinfoseckeyloggerkali-linuxmalware-developmentpayload-generatorreconnaissanceremote-access-toolbeta-stage

Projects that are alternatives of or similar to PyIris

Pyiris Backdoor
PyIris-backdoor is a modular, stealthy and flexible remote-access-toolkit written completely in python used to command and control other systems. It is now in the beta stage, possibly perpetually. There are bugs still present in the framework, feel free to contribute or help me out with this project its still under active development >_>
Stars: ✭ 145 (-51.01%)
Mutual labels:  backdoor, trojan, cybersecurity, infosec, keylogger, kali-linux, reconnaissance
Thefatrat
Thefatrat a massive exploiting tool : Easy tool to generate backdoor and easy tool to post exploitation attack like browser attack and etc . This tool compiles a malware with popular payload and then the compiled malware can be execute on windows, android, mac . The malware that created with this tool also have an ability to bypass most AV softw…
Stars: ✭ 5,944 (+1908.11%)
Mutual labels:  backdoor, trojan, rat, kali-linux
ToxicEye
👽 Program for remote control of windows computers via telegram bot. Written in C#
Stars: ✭ 305 (+3.04%)
Mutual labels:  backdoor, trojan, rat, keylogger
Networm
Python network worm that spreads on the local network and gives the attacker control of these machines.
Stars: ✭ 135 (-54.39%)
Mutual labels:  backdoor, trojan, rat
Thoron
Thoron Framework is a Linux post-exploitation framework that exploits Linux TCP vulnerability to provide a shell-like connection. Thoron Framework has the ability to create simple payloads to provide Linux TCP attack.
Stars: ✭ 87 (-70.61%)
Mutual labels:  backdoor, rat, kali-linux
RSB-Framework
Windows/Linux - ReverseShellBackdoor Framework
Stars: ✭ 44 (-85.14%)
Mutual labels:  backdoor, trojan, rat
ConTroll Remote Access Trojan
Created a VERY SIMPLE remote access Trojan that will establish administrative control over any windows machine it compromises.
Stars: ✭ 69 (-76.69%)
Mutual labels:  trojan, rat, malware-development
Ghost
👻 RAT (Remote Access Trojan) - Silent Botnet - Full Remote Command-Line Access - Download & Execute Programs - Spread Virus' & Malware
Stars: ✭ 312 (+5.41%)
Mutual labels:  backdoor, trojan, rat
paradoxiaRAT
ParadoxiaRat : Native Windows Remote access Tool.
Stars: ✭ 583 (+96.96%)
Mutual labels:  backdoor, rat, keylogger
Proton
Proton Framework is a Windows post-exploitation framework similar to other Windows post-exploitation frameworks. The major difference is that the Proton Framework does most of its operations using Windows Script Host, with compatibility in the core to support a default installation of Windows 2000 with no service packs all the way through Windows 10.
Stars: ✭ 142 (-52.03%)
Mutual labels:  backdoor, rat, kali-linux
Powershell Rat
Python based backdoor that uses Gmail to exfiltrate data through attachment. This RAT will help during red team engagements to backdoor any Windows machines. It tracks the user activity using screen capture and sends it to an attacker as an e-mail attachment.
Stars: ✭ 636 (+114.86%)
Mutual labels:  backdoor, trojan, rat
Lime Rat
LimeRAT | Simple, yet powerful remote administration tool for Windows (RAT)
Stars: ✭ 663 (+123.99%)
Mutual labels:  backdoor, trojan, rat
DcRat
A simple remote tool in C#.
Stars: ✭ 709 (+139.53%)
Mutual labels:  backdoor, rat, infosec
Ghost
Ghost Framework is an Android post-exploitation framework that exploits the Android Debug Bridge to remotely access an Android device.
Stars: ✭ 1,934 (+553.38%)
Mutual labels:  backdoor, rat, kali-linux
Rat Hodin V2.9
Remote Administration Tool for Linux
Stars: ✭ 97 (-67.23%)
Mutual labels:  trojan, rat, keylogger
Tinkerershell
A simple python reverse shell written just for fun.
Stars: ✭ 62 (-79.05%)
Mutual labels:  backdoor, rat, keylogger
Spiderfoot
SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
Stars: ✭ 6,882 (+2225%)
Mutual labels:  cybersecurity, infosec, reconnaissance
trolo
trolo - an easy to use script for generating Payloads that bypasses antivirus
Stars: ✭ 45 (-84.8%)
Mutual labels:  trojan, rat, payload-generator
Paradoxiarat
ParadoxiaRat : Native Windows Remote access Tool.
Stars: ✭ 395 (+33.45%)
Mutual labels:  backdoor, rat, keylogger
Unencrypted Backdoor With Process Cloaking
Unencrypted backdoor
Stars: ✭ 16 (-94.59%)
Mutual labels:  backdoor, trojan, rat
View All Similar Projects ➔

The project is currently undergoing a major rewrite for version 3, the current version, version 2 will be made obsolete

The PyIris Project (Updates coming soon refer to ROADMAP.md)

The PyIris project is a modular remote access trojan toolkit written completely in python. It allows users to dynamically build, generate and encode/encrypt remote access trojan payloads for remote control of other compromised hosts.

Demo of PyIris in action on multiple operating systems (Windows and Linux)

Dynamically generating a payload in Windows

Windows Generator Demo

Remotely controlling a Windows system through a scout in Ubuntu (screenshot of victims machine is of the ubuntu attacker machine since I'm running the ubuntu machine in a VM)

Ubuntu Scout Demo

Creating listeners that will receive connections from the scouts in Kali Linux

Kali listener Demo

Features (Both Windows and Linux)

  • Tab completion for most commands
  • Dynamically generate scouts
  • Robust error handling to allow scouts to recover from sudden disconnects
  • Upload and download files from and to the target machine
  • Sleep, kill and disconnect scouts
  • Download files from external urls (web dowloads)
  • Keylogging in memory
  • Displaying system information
  • Taking screenshots without writing to disk
  • See all currently open visible and non visible windows on the target
  • Check to see if scout is running with admin/root privileges
  • Inject keystrokes
  • Compile payloads into Windows EXEs or Linux ELFs
  • Clear, set or dump clipboard data
  • Setting audio
  • Take pictures from webcam without writing to disk
  • Stackable encryption of scout payload source code, in a theoretically infinite stack in infinite variations
  • execute arbitrary python code and read the results even if the python interpreter is not installed on the target machine from compiled scouts
  • request for admin/root
  • sleep for an arbitrary length of time before running (To bypass AV dynamic program analysis)
  • self delete (only works for scripts)
  • Stream webcam over TCP sockets (pretty laggy will work on a UDP version)

Features (Windows)

  • Acheive persistence through the windows registry (HKEY_CURRENT_USER)
  • Acheive persistence through the windows startup folder
  • Remote Command Execution through cmd.exe or powershell.exe (provided it is not blocked)
  • Open URLs from native browser (internet explorer ewww)
  • Shutdown, restart, lock, logoff user gracefully without connection hanging from scout payload
  • Execute or open files remotely
  • Check the user idle time
  • Dump saved chrome passwords (wont work with the latest chrome browsers since they changed encryption methods and Im kinda lazy to update this lol)
  • Disbale/ Enable the targets keyboard/mouse
  • Bypass UAC through sdclt.exe (Has already been patched in recent windows updates)

Features (Linux)

  • Achieve persistence through cron jobs (crontab)
  • Remote Command Execution through the bash shell

Getting Started

Prerequisites

  • Python 3.x, (I use python 3.7.x)
  • Git

Setting up PyIris (Windows)

First, clone this repository (make sure you have git installed), CD into the root folder.

git clone https://github.com/angus-y/PyIris-backdoor

cd PyIris-backdoor

Next install the rest of the required modules with pip3. Only install modules from the setup/windows/requirements.txt file as this section is for running the Windows edition of PyIris.

pip3 install -r setup/windows/requirements.txt

Upon running PyIris.py in the root folder for the first time you should be greeted with the option to generate a key, this indicates everything has been installed correctly.

Setting up PyIris (Linux)

First, clone this repository (make sure you have git installed), CD into the root folder.

git clone https://github.com/angus-y/PyIris-backdoor

cd PyIris-backdoor

Next install an external dependency, xlib, required by pyperclip through apt-get.

sudo apt-get install xclip

Then install pyalsaaudio through apt-get, if you're installing on ubuntu please read the below note

sudo apt-get install python3-alsaaudio

After that install canberra-gtk-module for cv2 to use to display webcam live streams

sudo apt-get install libcanberra-gtk-module

Pyautogui refuses to be imported in linux if tkinter is not installed so we must install it. However, we are not actually using tkinter for any of the scouts

sudo apt-get install python3-tk python3-dev

Finally, install the rest of the required modules with pip3. Only install modules from the setup/linux/requirements.txt file as this section is for running the Linux edition of PyIris.

pip3 install -r setup/linux/requirements.txt

Upon running it the first time you should be greeted with the option to generate a key, this indicates everything has been installed correctly.

Updating PyIris

Change into the PyIris-backdoor folder first, then run

git pull

On windows to install any newly added third party modules or update then run

cd setup/windows

pip3 install -r requirements.txt

On linux to install any newly added third party modules or update then run

cd setup/linux

pip3 install -r requirements.txt

Supported OS

PyIris was successfully installed on the following operating systems

  • Windows 10
  • Kali Linux Rolling releases
  • Ubuntu
  • Debian

Basic Usage

Windows

py -3 PyIris.py

If prompted to generate a key, either press enter or enter a key that you want to use.

Linux

python3 PyIris.py

If prompted to generate a key, either press enter or enter a key that you want to use.

Starting out

The help command is your friend! Simply run help to get a list of all commands you can use on a specific interface. For more detail about a specific command, run help <name of command> to get more in depth help about it. Alternatively you can use the ? command which is an alias for the help command. I am planning to write a wiki soon detailing all the commands and information you need to use PyIris

FAQ

Why cant the compiled scout I generated in my Linux OS run on a Windows target machine? (Or vice versa)

PyIris utilizes Pyinstaller to compile its payloads. It is therefore not possible to cross-compile binaries. That means if you generate and compile a scout in Linux the binary only runs in Linux, it works the same for Windows. If you want to cross-compile Windows scouts for Linux I suggest you use wine and run PyIris from there otherwise your options are very limited.

Why am I getting an attribute error "enum has no module 'IntFlag' during compilation of scouts?

This is most probably due to a redundant library you have installed called enum34 which has already been deprecated. Uninstall the library with the command

pip uninstall -y enum34

If you get this error while compiling with pyinstalled the compiled executable will not run. See here for more information

PyHook isn't installing on my Windows OS!

I have already included a PyHook wheel file in the setup/windows folder however that wheel works only for 64 bit versions of Windows. You may have to manually install PyHook yourself. Go to this site and search for the PyHook wheel file that works for your Windows version and download it. Next, pip install using the name of that wheel file.

pip3 install <name of pyhook wheel file>

If you downloaded the correct pyhook wheel file it should install succesfully.

I correctly created my listeners and scouts why are the scouts not connecting to my listeners?

Since the listeners actually open ports on your machine you may have to allow the python 3 interpreter (python.exe) through your firewall so that it can actually receive connections. Another reason the scouts are not connecting is that your key could have changed the pre generated key prompted during a new PyIris install and run is used to authenticate and connect to the listeners. The scout could have been generated with a different key than the one that the listener is expecting, the regen command at the main home interface would have changed the key, alternatively you may have directly edited the resources/PyIris.cred file that contains the key

Why are there more linux components (backdoor functions) than windows components...

Well this is due to several reasons. First, is the problem of open source code and mulitple distros. Linux has many distrubutions each linux distro may be different or have a different system structure than each other linux system. Creating components to cover all of them is incredibly difficult. Secondly, is support, simply put some linux systems just dont support some functions out of the box for python. Lastly is the fact that the terminal in linux is much more powerful than cmd in windows, therefore a lot more things can be accomplished from the terminal than from cmd so there is no need to add extra components, your trusty linux/execute_command_bash will do the job for you. For example rather than adding a linux/browser component you can use the xdg-open command to open URLs its supported out of the box

Why are you using a raw text protocol isn't something like HTTP less suspicious to network analyst

Yes it is I should probably be using HTTP buuuuut I am just lazy. Perhaps in a future update but that requires rewriting a lot of the listener-scout protocol which could take some time.

Hey I am a 1337 H4X0R and need to DDOS NSA and The Pentagon can you add a 1337 DDOS component

No lol

Built with

Want to report a bug?

Create an issue, but before that please read the "ISSUE_TEMPLATE.md" file first

Credits

  • Inspired by Powershell Empire and Brain Damage
  • Thanks to EV-EV for helping me in the earliest stages of the project and in helping me to create PyIris from its infancy
  • Thanks to Dharshan2004 for helping build a part of the in-memory webcam module and testing PyIris on Debian
  • Thanks to Ani152 for being my (legally) unwilling test subject in testing the PyIris framework
  • Thanks to my brain for formulating this whole project

License

Licensed under Mozilla Public License Version 2.0 - See the "LICENSE.md" file for more details

Disclaimer!

I write stuff like this for fun and mainly to become a better at python. The purpose of this project is to challenge myself to solve problems in creative ways, teach myself to be better at coding and have some fun creating something cool in the process. I DO NOT CONDONE the usage of this project in any unethical or unlawful manner. Do not use this without the full consent of the subject. Besides this framework isnt even that good anyways.

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].