A Python-based backdoor that uses a cloud image service (Cloudinary) as a command and control server. Use at your own risk!
Using steganography, all the commands are “inserted” into random images downloaded from imgur and uploaded to a cloud service (Cloudinary in this PoC).
This project was inspired by Gcat and Twittor, which do the same thing; it uses a cloud image service instead (Cloudinary in this proof of concept), but any other such service, like Instagram, Flickr or Imgur, could be used through its API.
Dependencies
+ 2.7 < Python < 3.0
+ python cloudinary module
+ Steghide
Ubuntu 14.04/Kali 2.0/Debian:

    sudo apt-get install python python-pip python-dev build-essential libsqlite3-dev
    sudo apt-get install steghide
    git clone https://github.com/1modm/stegator && cd stegator
    pip install -r requirements.txt

then edit implant.py:

    cloudinary.config(
        cloud_name = "your cloud",
        api_key = "xxxxxxxxxxxx",
        api_secret = "xxxxxxxxxxxx"
    )

and run:

    python stegator.py
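A defender's view of the pattern described above, as an added example that is not part of the stegator project: it flags hosts where a steghide execution and Cloudinary traffic occur close together, and notes whether imgur downloads were also seen. The log format, host names, domain suffixes and the 10-minute window are constructed assumptions.

```python
"""Correlate steghide runs with image-service traffic per host (added example)."""
from collections import defaultdict
from datetime import datetime, timedelta

# Assumed domain suffixes for the two services named in the README.
SERVICE_SUFFIXES = {"imgur.com": "imgur", "cloudinary.com": "cloudinary"}
WINDOW = timedelta(minutes=10)  # assumed correlation window

# Constructed telemetry: process-start and proxy events in key=value form.
SAMPLE_LOG = """\
2024-05-01T10:00:01Z host=ws-17 type=http dest=i.imgur.com method=GET
2024-05-01T10:00:03Z host=ws-17 type=proc exe=/usr/bin/steghide
2024-05-01T10:00:05Z host=ws-17 type=http dest=api.cloudinary.com method=POST
2024-05-01T10:02:00Z host=ws-22 type=http dest=res.cloudinary.com method=GET
2024-05-01T10:03:00Z host=ws-30 type=proc exe=/usr/bin/steghide
2024-05-01T12:30:00Z host=ws-30 type=http dest=api.cloudinary.com method=POST
"""

def parse(line):
    """Turn one 'timestamp key=value ...' line into a dict with a datetime."""
    ts, *pairs = line.split()
    event = dict(p.split("=", 1) for p in pairs)
    event["ts"] = datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ")
    return event

def classify(event):
    """Return 'steghide', 'imgur', 'cloudinary' or None for an event."""
    if event["type"] == "proc":
        return "steghide" if event["exe"].rsplit("/", 1)[-1] == "steghide" else None
    dest = event.get("dest", "").lower()
    for suffix, signal in SERVICE_SUFFIXES.items():
        if dest == suffix or dest.endswith("." + suffix):  # exact or subdomain
            return signal
    return None

def suspicious_hosts(log_text, window=WINDOW):
    """Hosts with a steghide run and Cloudinary traffic within `window`."""
    seen = defaultdict(lambda: defaultdict(list))
    for line in filter(str.strip, log_text.splitlines()):
        event = parse(line)
        signal = classify(event)
        if signal:
            seen[event["host"]][signal].append(event["ts"])
    hits = {}
    for host, sigs in seen.items():
        pairs = sum(abs(s - c) <= window for s in sigs["steghide"] for c in sigs["cloudinary"])
        if pairs:
            hits[host] = {"imgur_seen": bool(sigs["imgur"]), "pairs": pairs}
    return hits
```

Matching on the binary name only catches an unrenamed steghide, so treat a hit as a lead for triage rather than a verdict.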
Source: https://github.com/1modm