BlackMamba : C2/Post-Exploitation Framework

BlackMamba is a multi-client C2/post-exploitation framework with some spyware features. It is powered by Python 3.8.6 and QT Framework.

Features

  • Multi-Client – Supports multiple client connections at the same time.
  • Real-Time Communication Updates – Real-time communication and updates between the client and server.
  • Encrypted Communication – Almost all communications are encrypted, except for screen video streaming.
  • Screenshot Gathering – Get a real-time screenshot from the client.
  • Video Streaming – Watch in real-time the client screen.
  • Client Lock – Lock and unlock the machine of the client.
  • Encrypted File Transfer (upload/download) – Download files from the client or uploads files for the client.
  • Keylogger – Register all the keys pressed by the client.
  • Web Downloader – Download files from URLs or content by RAW pages.

Install Guide

SERVER INSTALL

  • Download the BlackMamba;
  • Install the PIP packages;

pip install -r requirements.txt

PyQt5
Pillow
PyAutoGUI
pytest-shutil
cryptography
pynput
pygame

  • Open the port 65000 and 65005 in your Gateway or Router (the port number is optional);
  • Create an exception in the firewall for BlackMamba or disable it;
  • Go to “BlackMamba/bin/profile/socket.txt” and input the port number opened;

SERVER_IP=0.0.0.0
PORT=65000
PORT_VIDEO=65005

IMPORTANT: Do not change the 0.0.0.0.

  • (OPTIONAL) – Go to the BlackMamba folder and open the “keygen.py” file. Copy the resulting key and paste in the “BlackMamba/bin/profile/crypt_key.py” ;

The BlackMamba uses a default cryptography key. It is interesting that you change it.

  • Back to BlackMamba root folder and open the “main.py” file;

WINDOWS
python main.py

GNU/LINUX
sudo chmod 777 main.py
sudo python3.8 main.py

KALI LINUX
(sudo chmod 777 main.py)
(sudo python3 main.py)

  • Click on the button that has a person icon and plus signal;
  • Input the path where the Python file will be created, input both port numbers and the IP address (external or local) of your host, then click on the “Create” button.

CLIENT INSTALL

After creating the Client script, you’ll need to open the script in the host target:

  • WINDOWS

python script.py

  • GNU/LINUX
  • Download the packages:

scrot -y
python3-pip -y
python3-tk -y
python3-dev -y

  • sudo python3.8 script.py

KALI LINUX
(sudo python3 script.py)

IMPORTANT: The script of the client does not have persistence. If you want to do persistence, you’ll need to make it by yourself. Another important point is that the client script maybe delay some seconds or few minutes for connect/reconnect.

Release Status

Currently the BlackMamba is on beta stage, this means that the features are all completed but likely to contain a number of known and unknown bugs. It is important to reinforce that most critical bugs like crashes or buffer overflow have already been solved.

R K

Recent Posts

Kali Linux 2024.4 Released, What’s New?

Kali Linux 2024.4, the final release of 2024, brings a wide range of updates and…

2 days ago

Lifetime-Amsi-EtwPatch : Disabling PowerShell’s AMSI And ETW Protections

This Go program applies a lifetime patch to PowerShell to disable ETW (Event Tracing for…

2 days ago

GPOHunter – Active Directory Group Policy Security Analyzer

GPOHunter is a comprehensive tool designed to analyze and identify security misconfigurations in Active Directory…

4 days ago

2024 MITRE ATT&CK Evaluation Results – Cynet Became a Leader With 100% Detection & Protection

Across small-to-medium enterprises (SMEs) and managed service providers (MSPs), the top priority for cybersecurity leaders…

7 days ago

SecHub : Streamlining Security Across Software Development Lifecycles

The free and open-source security platform SecHub, provides a central API to test software with…

1 week ago

Hawker : The Comprehensive OSINT Toolkit For Cybersecurity Professionals

Don't worry if there are any bugs in the tool, we will try to fix…

1 week ago