Gdog – Python Windows Backdoor With Gmail Command & Control

Last updated: May 4, 2016 | 8,726 views

Gdog is a stealthy Python Windows backdoor that uses Gmail as a command and control server, it’s inspired by Gcat and pushes a little beyond a proof of concept with way more features.

Gdog - Python Windows Backdoor With Gmail Command & Control

And don’t forget, Gcat also inspired Twittor – Backdoor Using Twitter For Command & Control.

Features

Encrypted transportation messages (AES) + SHA256 hashing
Generate computer unique id using system information/characteristics (SHA256 hash)
Job IDs are random SHA256 hashes
Retrieve system information
Retrieve Geolocation information (City, Country, lat, long, etc..)
Retrieve running processes/system services/system users/devices (hardware)
Retrieve list of clients
Execute system command
Download files from client
Upload files to client
Execute shellcode
Take screenshot
Lock client’s screen
Keylogger
Lock remote computer’s screen
Shutdown/Restart remote computer
Log off current user
Download file from the WEB
Visit website
Show message box to user

Usage

               __
           ____ _____/ /___  ____ _
          / __ `/ __  / __ \/ __ `/
         / /_/ / /_/ / /_/ / /_/ /
         \__, /\__,_/\____/\__, /
        /____/            /____/

optional arguments:
  -h, --help            show this help message and exit
  -v, --version         show program's version number and exit
  -id ID                Client to target
  -jobid JOBID          Job id to retrieve

  -list                 List available clients
  -info                 Retrieve info on specified client

Commands:
  Commands to execute on an implant

  -cmd CMD              Execute a system command
  -visitwebsite URL     Visit website
  -message TEXT TITLE   Show message to user
  -tasks                Retrieve running processes
  -services             Retrieve system services
  -users                Retrieve system users
  -devices              Retrieve devices(Hardware)
  -download PATH        Download a file from a clients system
  -download-fromurl URL
                        Download a file from the web
  -upload SRC DST       Upload a file to the clients system
  -exec-shellcode FILE  Execute supplied shellcode on a client
  -screenshot           Take a screenshot
  -lock-screen          Lock the clients screen
  -shutdown             Shutdown remote computer
  -restart              Restart remote computer
  -logoff               Log off current remote user
  -force-checkin        Force a check in
  -start-keylogger      Start keylogger
  -stop-keylogger       Stop keylogger

____ _____/ /___ ____ _

/ __ `/ __ / __ \/ __ `/

/ /_/ / /_/ / /_/ / /_/ /

\__, /\__,_/\____/\__, /

/____/ /____/

optional arguments:

-h, --help show this help message and exit

-v, --version show program's version number and exit

-id ID Client to target

-jobid JOBID Job id to retrieve

-list List available clients

-info Retrieve info on specified client

Commands:

Commands to execute on an implant

-cmd CMD Execute a system command

-visitwebsite URL Visit website

-message TEXT TITLE Show message to user

-tasks Retrieve running processes

-services Retrieve system services

-users Retrieve system users

-devices Retrieve devices(Hardware)

-download PATH Download a file from a clients system

-download-fromurl URL

Download a file from the web

-upload SRC DST Upload a file to the clients system

-exec-shellcode FILE Execute supplied shellcode on a client

-screenshot Take a screenshot

-lock-screen Lock the clients screen

-shutdown Shutdown remote computer

-restart Restart remote computer

-logoff Log off current remote user

-force-checkin Force a check in

-start-keylogger Start keylogger

-stop-keylogger Stop keylogger

Requirements & Setup

For this to work you need:

Python 2.x
PyCrypto module
WMI module
Enum34 module
Netifaces module

And:

A Gmail account (Use a dedicated account! Do not use your personal one!)
Turn on “Allow less secure apps” under the security settings of the account.
You may also have to enable IMAP in the account settings.

Download/Install

git clone https://github.com/maldevel/gdog
pip install -r requirements.txt --user

1 2	git clone https://github.com/maldevel/gdog pip install -r requirements.txt --user

You can download Gdog here:

Or read more here.

313 Shares

Posted in: Hacking Tools, Windows Hacking

backdoor, command and control, hacking-windows, Python, python backdoor, windows-backdoor

Navigation

Gdog – Python Windows Backdoor With Gmail Command & Control

Features

Usage

Requirements & Setup

Download/Install

Latest Posts:

Comments are closed.