Ethical Hacking News Hubb
Advertisement Banner
  • Home
  • News
  • Ethical Hackers
  • Contact
No Result
View All Result
  • Home
  • News
  • Ethical Hackers
  • Contact
No Result
View All Result
Wellnessnewshubb
No Result
View All Result
Home News

Abusing Reddit API To Host The C2 Traffic, Since Most Of The Blue-Team Members Use Reddit, It Might Be A Great Way To Make The Traffic Look Legit

admin by admin
April 4, 2023
in News




Abusing Reddit API to host the C2 traffic, since most of the blue-team members use Reddit, it might be a great way to make the traffic look legit.



[Disclaimer]: Use of this project is for Educational/ Testing purposes only. Using it on unauthorised machines is strictly forbidden. If somebody is found to use it for illegal/ malicious intent, author of the repo will not be held responsible.

 

Requirements

Install PRAW library in python3:

Quickstart

See the Quickstart guide on how to get going right away!

Demo

Workflow

Teamserver

  1. Go to the specific Reddit Post & post a new comment with the command (“in: “)
  2. Read for new comment which includes the word “out:”
  3. If no such comment is found, go back to step 2
  4. Parse the comment, decrypt it and read it’s output
  5. Edit the existing comment to “executed”, to avoid reexecuting it

Client

  1. Go to the specific Reddit Post & read the latest comment which includes “in:”
  2. If no new comment is detected, go back to step 1
  3. Parse the command out of the comment, decrypt it and execute it locally
  4. Encrypt the command’s output and reply it to the respective comment (“out:” )

Below is a demonstration of the XOR-encrypted C2 traffic for understanding purposes:

Scanning results

Since it is a custom C2 Implant, it doesn’t get detected by any AV as the bevahiour is completely legit.

TO-DO

Credits

Special thanks to @T4TCH3R for working with me and contributing to this project.





Source link

Tags: cybersecurityethical hackinghack androidhack apphack wordpresshacker newshackinghacking tools for windowskeyloggerkitkitploitpassword brute forcepenetration testingpentestpentest androidpentest linuxpentest toolkitpentest toolsspy tool kitspywaretools
Previous Post

How to Fix the Hulu Proxy Error

Next Post

In-depth Review: Siemens SIMATIC S7-1200 PLC

Next Post

In-depth Review: Siemens SIMATIC S7-1200 PLC

Recommended

Why Economic Downturns Put Innovation at Risk And Threaten Cybersafety

5 months ago

New Microsoft Azure Vulnerability Uncovered — EmojiDeploy for RCE Attacks

8 months ago

© Ethical Hacking News Hubb All rights reserved.

Use of these names, logos, and brands does not imply endorsement unless specified. By using this site, you agree to the Privacy Policy and Terms & Conditions.

Navigate Site

  • Home
  • News
  • Ethical Hackers
  • Contact

Newsletter Sign Up.

No Result
View All Result
  • Home
  • News
  • Ethical Hackers
  • Contact

© 2022 Ethical Hacking News Hubb All rights reserved.