BlackMamba : C2/Post-Exploitation Framework

BlackMamba is a multi-client C2/post-exploitation framework with some spyware features. It is powered by Python 3.8.6 and QT Framework.

Features

  • Multi-Client – Supports multiple client connections at the same time.
  • Real-Time Communication Updates – Real-time communication and updates between the client and server.
  • Encrypted Communication – Almost all communications are encrypted, except for screen video streaming.
  • Screenshot Gathering – Get a real-time screenshot from the client.
  • Video Streaming – Watch in real-time the client screen.
  • Client Lock – Lock and unlock the machine of the client.
  • Encrypted File Transfer (upload/download) – Download files from the client or uploads files for the client.
  • Keylogger – Register all the keys pressed by the client.
  • Web Downloader – Download files from URLs or content by RAW pages.

Install Guide

SERVER INSTALL

  • Download the BlackMamba;
  • Install the PIP packages;

pip install -r requirements.txt

PyQt5
Pillow
PyAutoGUI
pytest-shutil
cryptography
pynput
pygame

  • Open the port 65000 and 65005 in your Gateway or Router (the port number is optional);
  • Create an exception in the firewall for BlackMamba or disable it;
  • Go to “BlackMamba/bin/profile/socket.txt” and input the port number opened;

SERVER_IP=0.0.0.0
PORT=65000
PORT_VIDEO=65005

IMPORTANT: Do not change the 0.0.0.0.

  • (OPTIONAL) – Go to the BlackMamba folder and open the “keygen.py” file. Copy the resulting key and paste in the “BlackMamba/bin/profile/crypt_key.py” ;

The BlackMamba uses a default cryptography key. It is interesting that you change it.

  • Back to BlackMamba root folder and open the “main.py” file;

WINDOWS
python main.py

GNU/LINUX
sudo chmod 777 main.py
sudo python3.8 main.py

KALI LINUX
(sudo chmod 777 main.py)
(sudo python3 main.py)

  • Click on the button that has a person icon and plus signal;
  • Input the path where the Python file will be created, input both port numbers and the IP address (external or local) of your host, then click on the “Create” button.

CLIENT INSTALL

After creating the Client script, you’ll need to open the script in the host target:

  • WINDOWS

python script.py

  • GNU/LINUX
  • Download the packages:

scrot -y
python3-pip -y
python3-tk -y
python3-dev -y

  • sudo python3.8 script.py

KALI LINUX
(sudo python3 script.py)

IMPORTANT: The script of the client does not have persistence. If you want to do persistence, you’ll need to make it by yourself. Another important point is that the client script maybe delay some seconds or few minutes for connect/reconnect.

Release Status

Currently the BlackMamba is on beta stage, this means that the features are all completed but likely to contain a number of known and unknown bugs. It is important to reinforce that most critical bugs like crashes or buffer overflow have already been solved.

Download
R K

Share
Published by
R K
Tags: BlackMambaC2Framework
4 years ago

Recent Posts

Shadow-rs : Harnessing Rust’s Power For Kernel-Level Security Research

shadow-rs is a Windows kernel rootkit written in Rust, demonstrating advanced techniques for kernel manipulation…

1 week ago

ExecutePeFromPngViaLNK – Advanced Execution Of Embedded PE Files via PNG And LNK

Extract and execute a PE embedded within a PNG file using an LNK file. The…

2 weeks ago

Red Team Certification – A Comprehensive Guide To Advancing In Cybersecurity Operations

Embark on the journey of becoming a certified Red Team professional with our definitive guide.…

3 weeks ago

CVE-2024-5836 / CVE-2024-6778 : Chromium Sandbox Escape via Extension Exploits

This repository contains proof of concept exploits for CVE-2024-5836 and CVE-2024-6778, which are vulnerabilities within…

3 weeks ago

Rust BOFs – Unlocking New Potentials In Cobalt Strike

This took me like 4 days (+2 days for an update), but I got it…

3 weeks ago

MaLDAPtive – Pioneering LDAP SearchFilter Parsing And Security Framework

MaLDAPtive is a framework for LDAP SearchFilter parsing, obfuscation, deobfuscation and detection. Its foundation is…

3 weeks ago