Twittor – Backdoor Using Twitter For Command & Control


Twittor is a stealthy Python based backdoor using Twitter (Direct Messages) as a command and control server. This project has been inspired by Gcat which does the same but using a Gmail account.

Twittor - Backdoor Using Twitter For Command & Control

Setup

For this to work you need:

  • A Twitter account (Use a dedicated account! Do not use your personal one!)
  • Register an app on Twitter with Read, write, and direct messages Access levels.

Install the dependencies:

This repo contains two files:

  • twittor.py which is the client
  • implant.py the actual backdoor to deploy

In both files, edit the access token part and add the ones that you previously generated:

You’re probably going to want to compile implant.py into an executable using Pyinstaller. In order to remove the console when compiling with Pyinstaller, the flags --noconsole --onefile will help. Just saying.

Usage


In order to run the client, launch the script.

You’ll then get into an ‘interactive’ shell which offers few commands that are:

Once you’ve deployed the backdoor on a couple of systems, you can check available clients using the list command:

The output is the MAC address which is used to uniquely identifies the system but also gives you OS information the implant is running on. In that case a Linux box.

Let’s issue a command to an implant:

Here we are telling B7:76:1F:0B:50:B7 to execute cat /etc/passwd, the script then outputs the jobid that we can use to retrieve the output of that command.

You can download Twittor here:

Twittor-master.zip

Or read more here.

Posted in: Hacking Tools, Secure Coding

, , , , ,


Latest Posts:


GKE Auditor - Detect Google Kubernetes Engine Misconfigurations GKE Auditor – Detect Google Kubernetes Engine Misconfigurations
GKE Auditor is a Java-based tool to detect Google Kubernetes Engine misconfigurations, it aims to help security & dev teams streamline the configuration process
zANTI - Android Wireless Hacking Tool Free Download zANTI – Android Wireless Hacking Tool Free Download
zANTI is an Android Wireless Hacking Tool that functions as a mobile penetration testing toolkit that lets you assess the risk level of a network using mobile.
HELK - Open Source Threat Hunting Platform HELK – Open Source Threat Hunting Platform
The Hunting ELK or simply the HELK is an Open-Source Threat Hunting Platform with advanced analytics capabilities such as SQL declarative language, graphing etc
trape - OSINT Analysis Tool For People Tracking Trape – OSINT Analysis Tool For People Tracking
Trape is an OSINT analysis tool, which allows people to track and execute intelligent social engineering attacks in real-time.
Fuzzilli - JavaScript Engine Fuzzing Library Fuzzilli – JavaScript Engine Fuzzing Library
Fuzzilii is a JavaScript engine fuzzing library, it's a coverage-guided fuzzer for dynamic language interpreters based on a custom intermediate language.
OWASP APICheck - HTTP API DevSecOps Toolset OWASP APICheck – HTTP API DevSecOps Toolset
APICheck is an HTTP API DevSecOps toolset, it integrates existing tools, creates execution chains easily and is designed for integration with 3rd parties.


Comments are closed.