Gdog – Python Windows Backdoor With Gmail Command & Control

The New Acunetix V12 Engine


Gdog is a stealthy Python Windows backdoor that uses Gmail as a command and control server, it’s inspired by Gcat and pushes a little beyond a proof of concept with way more features.

Gdog - Python Windows Backdoor With Gmail Command & Control

And don’t forget, Gcat also inspired Twittor – Backdoor Using Twitter For Command & Control.

Features

  • Encrypted transportation messages (AES) + SHA256 hashing
  • Generate computer unique id using system information/characteristics (SHA256 hash)
  • Job IDs are random SHA256 hashes
  • Retrieve system information
  • Retrieve Geolocation information (City, Country, lat, long, etc..)
  • Retrieve running processes/system services/system users/devices (hardware)
  • Retrieve list of clients
  • Execute system command
  • Download files from client
  • Upload files to client
  • Execute shellcode
  • Take screenshot
  • Lock client’s screen
  • Keylogger
  • Lock remote computer’s screen
  • Shutdown/Restart remote computer
  • Log off current user
  • Download file from the WEB
  • Visit website
  • Show message box to user

Usage

Requirements & Setup

For this to work you need:

  • Python 2.x
  • PyCrypto module
  • WMI module
  • Enum34 module
  • Netifaces module

And:

  • A Gmail account (Use a dedicated account! Do not use your personal one!)
  • Turn on “Allow less secure apps” under the security settings of the account.
  • You may also have to enable IMAP in the account settings.

Download/Install

You can download Gdog here:

gdog-v1.0.1.zip

Or read more here.

Posted in: Hacking Tools, Windows Hacking

, , , , ,


Latest Posts:


SCADA Hacking - Industrial Systems Woefully Insecure SCADA Hacking – Industrial Systems Woefully Insecure
airgeddon - Wireless Security Auditing Script airgeddon – Wireless Security Auditing Script
Airgeddon is a Bash powered multi-use Wireless Security Auditing Script for Linux systems with an extremely extensive feature list.
Acunetix v12 - Pause & Resume Acunetix v12 – More Comprehensive More Accurate & 2x Faster
Acunetix, the pioneer in automated web application security software, has announced the release of Acunetix v12 - more comprehensive, accurate & 2x faster.
CloudFrunt - Identify Misconfigured CloudFront Domains CloudFrunt – Identify Misconfigured CloudFront Domains
CloudFrunt is a Python-based tool for identifying misconfigured CloudFront domains, it uses DNS and looks for CNAMEs which may be allowed to be associated with CloudFront distributions.
Airbash - Fully Automated WPA PSK Handshake Capture Script Airbash – Fully Automated WPA PSK Handshake Capture Script
Airbash is a POSIX-compliant, fully automated WPA PSK handshake capture script aimed at penetration testing, it is compatible with Bash and Android Shell.
XXEinjector - Automatic XXE Injection Tool For Exploitation XXEinjector – Automatic XXE Injection Tool For Exploitation
XXEinjector is an XXE Injection Tool that automates retrieving files using direct and out of band methods. Directory listing only works in Java applications.


Comments are closed.