Skip to content

Latest commit

 

History

History
87 lines (81 loc) · 3.5 KB

README.md

File metadata and controls

87 lines (81 loc) · 3.5 KB
Raw

FHookC2

fhook

FHookC2 was developed on top of PythonRAT by Safesploit. You can find their GitHub here.

FHook is a Command and Control server which allows an individual to accept connections from multiple remote clients via a remote access tool. This is only for educational purposes, please do not use this to perform any form of illegal activity and always get permission prior to remoting into an individuals device.

C2 Features

  • Tracks current working directory
    • Enables server to change directories on the client
  • TLS encryption
  • Gives basic host machine information
  • Check user privileges
  • Download file from client
  • Upload file to client
  • Single file encrpytion
    • Encrpytion key is stored in client memory
    • Encryption key is sent to the server
      • Key name is based off the file that was encrypted
  • User directory encryption
    • Encrpytion key is stored in client memory
    • Encryption key is sent to the server
      • Key name is based off the username the directory that was encrypted
  • Screenshot of the users main display
    • Image is stored in the clients memory
    • Image is sent to the server
  • Webcam Picture
    • Picture is taken via the webcam and stored in clients memory
    • Picture is sent to the server
  • Persistence
    • Registry
      • Server can give a registry name and the target file to create persistence
    • Startup
      • Server can give the target file to add to the startup folder
  • Steal Browser Passwords
    • Google Chrome
      • Loads passwords into a byte array and sends to the server
  • Steal Browser Cookies
    • Google Chrome
      • Loads cookies into a byte array and sends to the server

Dependencies

Server

pip install -r server_requirements.txt

Client

pip install -r client_requirements.txt

OpenSSL

Download OpenSSL to create a certificate.

Windows

Download the correct version here.

Linux

sudo apt install openssl

Creating the certifcate

openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 365 -nodes

Change SERVER IP

Please ensure that you change the server IP address from "SERVER IP" to your servers (i.e the attackers) IP address. Both server.py and client.py have this string that needs to be replaced. serverip clientip

Create Exe

Install pyinstaller python package

pip install pyinstaller

Use pyinstaller to create an exe from your client python script.

pyinstaller --onefile --noconsole client.py

This should create client.exe inside of a dist (distribution) folder.

Command Help

Selection Menu

target_manual

Target Commands

manual

Initial Connection(s)

initial_conn

Show All Targets

targets

Select Target

cwd