BlackMamba : C2/Post-Exploitation Framework

BlackMamba is a multi-client C2/post-exploitation framework with some spyware features. It is powered by Python 3.8.6 and QT Framework.

Features

  • Multi-Client – Supports multiple client connections at the same time.
  • Real-Time Communication Updates – Real-time communication and updates between the client and server.
  • Encrypted Communication – Almost all communications are encrypted, except for screen video streaming.
  • Screenshot Gathering – Get a real-time screenshot from the client.
  • Video Streaming – Watch in real-time the client screen.
  • Client Lock – Lock and unlock the machine of the client.
  • Encrypted File Transfer (upload/download) – Download files from the client or uploads files for the client.
  • Keylogger – Register all the keys pressed by the client.
  • Web Downloader – Download files from URLs or content by RAW pages.

Install Guide

SERVER INSTALL

  • Download the BlackMamba;
  • Install the PIP packages;

pip install -r requirements.txt

PyQt5
Pillow
PyAutoGUI
pytest-shutil
cryptography
pynput
pygame

  • Open the port 65000 and 65005 in your Gateway or Router (the port number is optional);
  • Create an exception in the firewall for BlackMamba or disable it;
  • Go to “BlackMamba/bin/profile/socket.txt” and input the port number opened;

SERVER_IP=0.0.0.0
PORT=65000
PORT_VIDEO=65005

IMPORTANT: Do not change the 0.0.0.0.

  • (OPTIONAL) – Go to the BlackMamba folder and open the “keygen.py” file. Copy the resulting key and paste in the “BlackMamba/bin/profile/crypt_key.py” ;

The BlackMamba uses a default cryptography key. It is interesting that you change it.

  • Back to BlackMamba root folder and open the “main.py” file;

WINDOWS
python main.py

GNU/LINUX
sudo chmod 777 main.py
sudo python3.8 main.py

KALI LINUX
(sudo chmod 777 main.py)
(sudo python3 main.py)

  • Click on the button that has a person icon and plus signal;
  • Input the path where the Python file will be created, input both port numbers and the IP address (external or local) of your host, then click on the “Create” button.

CLIENT INSTALL

After creating the Client script, you’ll need to open the script in the host target:

  • WINDOWS

python script.py

  • GNU/LINUX
  • Download the packages:

scrot -y
python3-pip -y
python3-tk -y
python3-dev -y

  • sudo python3.8 script.py

KALI LINUX
(sudo python3 script.py)

IMPORTANT: The script of the client does not have persistence. If you want to do persistence, you’ll need to make it by yourself. Another important point is that the client script maybe delay some seconds or few minutes for connect/reconnect.

Release Status

Currently the BlackMamba is on beta stage, this means that the features are all completed but likely to contain a number of known and unknown bugs. It is important to reinforce that most critical bugs like crashes or buffer overflow have already been solved.

R K

Recent Posts

Nmap cheat sheet for beginners

Nmap (Network Mapper) is a free tool that helps you find devices on a network,…

10 hours ago

Understanding the Model Context Protocol (MCP) and How It Works

Introduction to the Model Context Protocol (MCP) The Model Context Protocol (MCP) is an open…

1 week ago

The file Command – Quickly Identify File Contents in Linux

While file extensions in Linux are optional and often misleading, the file command helps decode what a…

1 week ago

How to Use the touch Command in Linux

The touch command is one of the quickest ways to create new empty files or update timestamps…

1 week ago

How to Search Files and Folders in Linux Using the find Command

Handling large numbers of files is routine for Linux users, and that’s where the find command shines.…

1 week ago

How to Move and Rename Files in Linux with the mv Command

Managing files and directories is foundational for Linux workflows, and the mv (“move”) command makes it easy…

1 week ago