A stealthy Python-based backdoor that uses Twitter (Direct Messages) as a command and control server. This project has been inspired by Gcat, which does the same but using a Gmail account.
For this to work you need:
- A Twitter account (Use a dedicated account! Do not use your personal one!)
- An app registered on Twitter with Read, write, and direct messages access levels.
Install the dependencies:
$ pip install -r requirements.txt
This repo contains two files:
- twittor.py, which is the client
- implant.py, the actual backdoor to deploy
In both files, edit the access token part and add the ones that you previously generated:
CONSUMER_TOKEN = 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX' CONSUMER_SECRET = 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX' ACCESS_TOKEN = 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX' ACCESS_TOKEN_SECRET = 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX' USERNAME = 'XXXXXXXXXXXXXXXXXXXXXXXX'
You’re probably going to want to compile implant.py into an executable using PyInstaller. In order to remove the console when compiling with PyInstaller, the flags --noconsole --onefile will help. Just saying.