saumyajeetdas / godgenesis Goto Github PK

A Python3 based C2 server to make life of red teamer a bit easier. The payload is capable to bypass all the known antiviruses and endpoints.

License: MIT License

Python 100.00%

antivirus-evasion c2server exploit fud hacking malware penetration-testing python3 redteam vapt

godgenesis's Introduction

Welcome To God Genesis

God Genesis is a C2 server purely coded in Python3 created to help Red Teamers and Penetration Testers. Currently It only supports TCP reverse shell but wait a min, its a FUD and can give u admin shell from any targeted WINDOWS Machine.

The List Of Commands It Supports :-

                ===================================================================================================
                  BASIC COMMANDS:
                ===================================================================================================
                            help                  --> Show This Options
                            terminate             --> Exit The Shell Completely
                            exit                  --> Shell Works In Background And Prompted To C2 Server
                            clear                 --> Clear The Previous Outputs

                ===================================================================================================
                  SYSTEM COMMANDS:
                ===================================================================================================
                            cd                    --> Change Directory
                            pwd                   --> Prints Current Working Directory
                            mkdir *dir_name*      --> Creates A Directory Mentioned
                            rm *dir_name*         --> Deletes A Directoty Mentioned
                            powershell [command]  --> Run Powershell Command
                            start *exe_name*      --> Start Any Executable By Giving The Executable Name

                ===================================================================================================
                  INFORMATION GATHERING COMMANDS:
                ===================================================================================================
                            env                   --> Checks Enviornment Variables
                            sc                    --> Lists All Services Running
                            user                  --> Current User
                            info                  --> Gives Us All Information About Compromised System
                            av                    --> Lists All antivirus In Compromised System

                ===================================================================================================
                  DATA EXFILTRATION COMMANDS:
                ===================================================================================================
                            download *file_name*  --> Download Files From Compromised System
                            upload *file_name*    --> Uploads Files To Victim Pc


                ===================================================================================================
                  EXPLOITATION COMMANDS:
                ===================================================================================================
                            persistence1          --> Persistance Via Method 1
                            persistence2          --> Persistance Via Method 2
                            get                   --> Download Files From Any URL
                            chrome_pass_dump      --> Dump All Stored Passwords From Chrome Bowser
                            wifi_password         --> Dump Passwords Of All Saved Wifi Networks
                            keylogger             --> Starts Key Logging Via Keylogger
                            dump_keylogger        --> Dump All Logs Done By Keylogger 
                            python_install        --> Installs Python In Victim Pc Without UI

Features Of Our Framework :-

Check The Video To Get A Detail Knowledge

1. The Payload.py is a FULLY UNDETECTABLE(FUD) use your own techniques for making an exe file. (Best Result When Backdoored With Some Other Legitimate Applictions)
2. Able to perform privilege escalation on any windows systems.
3. Fud keylogger
4. 2 ways of achieving persistance 
5. Recon automation to save your time.

How To Use Our Tool :

git clone https://github.com/SaumyajeetDas/GodGenesis.git

pip3 install -r requirements.txt

python3 c2c.py

It is worth mentioning that Suman Kumar Chakraborty have contributed in the framework by coding the the the Fud Keyloger, Wifi Password Extraction and Chrome Password Dumper modules.

ESET_20.13.8.mp4

Dont Forget To Change The IP ADDRESS Manually in both c2c.py and payload.py

godgenesis's People

Contributors

Stargazers

Watchers

Forkers

francoataffarel unknwn000 demo-god davidzerox8 junsecurity tobey123 priyanknauni killvxk adooo slaplaplaca1 emptysec1 pdolinic y0d4a vsamiamv vinter-calls kddco presh007 usama7628674 4v4loon wpawlikowski outs1d3r-net rbcrack 5l1v3r1 leesinz ssoad leomatias lucasafurno d3epdiv3r errorlevelz yeho hartl3y94 jodorot ronin-dojo sec-js blackreaper201 boshvix tttttint takianfif liudeguang mamh-mixed jesusgavancho cybercraftsmanx mrvn2018 silocityit wds657 0xabbarhsf su3158 bl4cklabel88 ajdumanhug titounkle apt4hax lowfruithanger ohrenmann memuratozturk bemonolit scarletcurve188 exiahan rossja viafreekab uonlylivetwice 1mr0-tech sup3rm4n73 whitebearvn praveen-misra sneak71 fiebererdi asrilcode labixx21 vjingbi gadora10 orguetta arash2331 zombie-pickle xssec dutchcyberguy gcjordi antonisandreadakis sapewick sec-fork mormkkkk ipop wh04m1i c0de-sin pavisec davidfortytwo penfame sidneysimas virushtk psyrun computedocean oakkaya mynameisjimmy ahmetqara lunatic6996 aqader hijack-everything lcsouzamenezes

godgenesis's Issues

"No module named 'Crypto' " after running payload.py

Hello,

Prior to trojanize/port the payload.py to an .EXE file, I wanted to check how raw python script works. However, when I try to run python3 payload.py I got the following error:

PS C:\Users\usuario.regular\Desktop\GodGenesis> python payload.py
Traceback (most recent call last):
File "C:\Users\usuario.regular\Desktop\GodGenesis\payload.py", line 18, in
from Crypto.Cipher import AES
ModuleNotFoundError: No module named 'Crypto'

Steps taken so far (and didn´t worked):
ran --> pip3 install -r requirements.txt

Output:

PS C:\Users\usuario.regular\Desktop\GodGenesis> pip3 install -r requirements.txt
Collecting readline
Using cached readline-6.2.4.1.tar.gz (2.3 MB)
Preparing metadata (setup.py) ... error
error: subprocess-exited-with-error

× python setup.py egg_info did not run successfully.
│ exit code: 1
╰─> [1 lines of output]
error: this module is not meant to work on Windows
[end of output]

note: This error originates from a subprocess, and is likely not a problem with pip.
error: metadata-generation-failed

× Encountered error while generating package metadata.
╰─> See above for output.

Windows 11 x64 bits, v21H2 22000.1574
Python 3.11.2

list of pip packages installed:

PS C:\Users\usuario.regular\Desktop\GodGenesis> pip3 list
Package Version

certifi 2022.12.7
cffi 1.15.1
charset-normalizer 3.0.1
crypto 1.4.1
cryptography 39.0.1
fernet 1.0.1
idna 3.4
Naked 0.1.32
pip 23.0
pyaes 1.6.1
pycparser 2.21
pycryptodome 3.17
pycryptodomex 3.17
pynput 1.7.6
pypiwin32 223
python-cryptography-fernet-wrapper 1.0.4
pywin32 305
PyYAML 6.0
requests 2.28.2
setuptools 65.5.0
shellescape 3.8.1
six 1.16.0
urllib3 1.26.14

Could you help me to check why is not working?

Regards.

No echo

There is a network connection, but the results cannot be output

Whether it is related to the following error

And I found that the generated exe has been killed by the soft tag

How to use this?

I setup it all in my Kali Linux VM and idk how to setup the payload (ik how to convert to .exe) but how do i share it to the victims pc and when he clicks it, it runs the payload, like wtf do i have to do and how to SET UP this.

detection on windows defender

C2C needs to take arguments

At the moment, I started testing this out after reading about it and quite frankly looks promising.

After a brief review, one thing that C2C should have is that at least it takes arguments so users provides IP address and/interface to bind to plus the port.

At the moment, my time is slightly limited, but I can contribute and take care of that part in like two weeks.

Can't get a connection

I just can't get a connection even before compiling payload.py to exe.
Python 3.10 is installed on my windows machine but still nothing.

When giving command on installing, pip3 install -r requirements.txt, I get an error: ERROR: Could not find a version that satisfies the requirement sqlite3

Can this be the problem why payload doesn't work?

Python and sqlite Error

ERROR: Ignored the following versions that require a different python version: 6.2.4.2 Requires-Python <3.4
ERROR: Could not find a version that satisfies the requirement sqlite3 (from versions: none)
ERROR: No matching distribution found for sqlite3

Unable to perform the privilege escalation

when i start the fodhelper.exe spawns the uac.

Screen share feature is commented out

Is it not stable or does not work at this time?

decode error

If the output of the command contains illegal characters(for example, Chinese characters), decode will fail. c2c.py will not receive the message and will be stuck. So you should add the argument errors="ignore" when decoding the command output in payload.py.