A Proof of Concept (PoC) IRC backdoor written in Python3 NOT CONTINUED -- A re-write of this in a more lightweight language might be in the works :)
First off, don't look at it as a backdoor; look at it as a software to manage your clients from an IRC channel. I know this looks bad but it can actually do some good ;)
I used a "Echo" code for starting the work. Going for pure Python3 with socket rather than using existing IRC clients for Python. I figured this is much cleaner and easier to use.
Sending Commands through the IRC channel and get back stdout and stderr in there. NOT WORKING: canceling commands such as ping etc. So be careful when issuing commands.
First, this entire backdoor is going to be re-written with Asyncio (partially done)
-
Sending multi-line commands and bash scripts
-
Adding PGP security to backdoors rather than SSL
-
Adding File Transfer Feature
-
Sending back command responses in a text file
-
Error handling and freeze/timeout detection
-
A lot more...
- looks like Sending files/scripts and all DCC connections are a bit "too P2P" for a backdoor. So I'm staying out of it to find a better replacement for that feature. Although if you have a root backdoor there's SO MUCH you can do. I mean you might not even need file transfer/script features. Again, use responsibly ;-)
- Gcat, which uses Gmail as backend.
- Twittor, A fully featured backdoor that uses Twitter as a C&C server.
- Also checkout BasicRAT, a cross-platform Python Remote Access Trojan (RAT).
-
Fork me, star me, give me pull requests
-
Take a look at the code. Half (all?) the help and documentaiton is in there