Google Drive, OneDrive and Youtube as covert-channels - Control systems remotely by uploading files to Google Drive, OneDrive, Youtube or Telegram

Related tags

Third-party APIs Wrappersyoutubetelegram-botonedrivegoogle-drivecovert-channelcommand-and-control
Overview

covert-control

Control systems remotely by uploading files to Google Drive, OneDrive, Youtube or Telegram using Python to create the files and the listeners. It allows to create text files, images, audio or videos, with the commands in cleartext or encrypted using AES.

  • covert-googledrive.py - Control systems uploading files to a public folder in Google Drive.

  • covert-onedrive.py - Control systems uploading files to a public folder in OneDrive.

  • covert-youtube.py - Control systems uploading videos to Youtube (updated from covert-tube).

  • covert-telegram.py - Control systems with a Telegram bot.

Create files to upload

You can find example files in the folder test_files or create new ones with generate_file.py:

python3 generate_file.py -t TYPE [-o OUTPUTFILE] [-c COMMAND] [-e]

  • -t (--type) [Required]: Types of file: "text", "image", "audio" or "video".

  • -o (--outputfile) [Optional]: Output file.

  • -c (--command) [Optional]: Command to execute.

  • -e (--encrypted) [Optional]: Add this flag to encrypt the command with AES.

Examples:

python3 generate_file.py -t text  -c "whoami" -o text.txt
python3 generate_file.py -t text  -c "whoami" -o text_encrypted.txt -e
python3 generate_file.py -t audio -c "whoami" -o audio.wav
python3 generate_file.py -t audio -c "whoami" -o audio_encrypted.wav -e
python3 generate_file.py -t image -c "whoami" -o image.png
python3 generate_file.py -t image -c "whoami" -o image_encrypted.png -e
python3 generate_file.py -t video -c "whoami" -o video.avi
python3 generate_file.py -t video -c "whoami" -o video_encrypted.avi -e

Configuration

Common configuration values:

  • data_type (Optional. Default: "text"):

    data_type File type Encrypted Valid for Extension
    text Text file No Google Drive, OneDrive .txt
    text_encrypted Text file Yes Google Drive, OneDrive .txt
    image Image No Google Drive, OneDrive .png
    image_encrypted Image Yes Google Drive, OneDrive .png
    audio Audio No Google Drive, OneDrive .wav
    audio_encrypted Audio Yes Google Drive, OneDrive .wav
    video Video No Google Drive, OneDrive, Youtube .avi
    video_encrypted Video Yes Google Drive, OneDrive, Youtube .avi

  • delay_seconds (Optional. Default: 300): Seconds between checks of new files uploaded to the Google Drive or OneDrive folder or new videos in the Youtube channel.

  • aes_key (Optional. Default: "covert-control21"): Key for AES encryption.

  • debug (Optional. Default: True): Print messages and timestamps in the listener or not.

Specific configuration values:

  • googledrive_folder: Url of public Google Drive folder to monitor (for covert-googledrive.py).

  • onedrive_folder: Url of public OneDrive folder to monitor (for covert-onedrive.py).

  • youtube_channel_id: Youtube channel ID of the channel to monitor. You can get it from here (for covert-youtube.py).

  • youtube_api_key: Get an API key creating an application and generating the key in here (for covert-youtube.py).

  • telegram_token: Bot token, create it using BotFather. Write "/newbot", then send a name for the bot (for example, "botname") and a username for the bot ending in "-bot" (for example, "somethingrandombot") (for covert-telegram.py).

  • telegram_username: Specify a Telegram username so it only executes commands received from this user (without "@").

Google Drive

It allows to execute commands uploading text files, images, audio and videos, unencrypted or encrypted with AES. The optional input argument is the public folder url, which can be also configured in config.py:

python3 covert-googledrive.py [FOLDER_URL]

The listener will check the Google Drive folder every 300 seconds by default (can be updated in config.py). In this case a video, "video.avi", is uploaded with the command in the QR of the video:

img1

After finding there is a new file uploaded to the folder, it is downloaded, processed and the commands are executed:

img2

Onedrive

It allows to execute commands uploading text files, images, audio and videos, unencrypted or encrypted with AES. The optional input argument is the public folder url, which can be also configured in config.py:

python3 covert-onedrive.py [FOLDER_URL]

The listener will check the OneDrive folder every 300 seconds by default (this can be updated in config.py). In this case an audio, "audio_encrypted.wav", is uploaded with the command encrypted with AES:

img3

After finding there is a new file uploaded to the folder, it is downloaded, processed and the commands are executed:

img4

NOTE: This will only work if you do not delete any file in the folder, if you do it you must create a new one. It could be possible to implement it to work even after deleting files, but it would be necessary to create many requests and would be less stealthy.

Youtube

It allows to execute commands uploading videos, unencrypted or encrypted with AES. The optional input arguments are the Youtube channel ID to monitor and the API key, which can be also configured in config.py:

python3 covert-youtube.py [CHANNEL_ID] [API_KEY]

The listener will check the Youtube channel every 300 seconds by default (this can be updated in config.py). First the video is uploaded:

img5

After finding there is a new video in the channel, it is downloaded, processed and the commands are executed:

img6

Telegram

Control systems remotely with a Telegram bot. This option does not allow to upload files, but it is possible to send the commands in cleartext ("/cmd") or encrypted with AES ("/encrypted"). The first optional input argument is the bot token, which can be also configured in config.py; the second one is used to configure a single Telegram user who can send commands to the bot (without "@"):

python3 covert-telegram.py [BOT_TOKEN] [TELEGRAM_USER]

The listener will check the commands in the chat and show the output:

/cmd CLEARTEXT_COMMAND
/encrypted AES_ENCRYPTED_COMMAND

img7

Installation

sudo apt install libzbar0
pip install bs4 Pillow opencv-python pyqrcode pypng pyzbar youtube_dl pytesseract python-telegram-bot requests argparse pycryptodome
git clone https://github.com/ricardojoserf/covert-control && cd covert-control/

Creating standalone binaries

pyinstaller --onefile covert-googledrive.py
pyinstaller --onefile covert-onedrive.py
pyinstaller --onefile covert-telegram.py
pyinstaller --onefile covert-youtube.py
rm -rf build
rm *spec
ls dist/
Owner
Ricardo Ruiz
Ricardo Ruiz
GitHub Repository https://ricardojoserf.github.io/covert-control/
To dynamically change the split direction in I3/Sway so as to split new windows automatically based on the width and height of the focused window

To dynamically change the split direction in I3/Sway so as to split new windows automatically based on the width and height of the focused window Insp

Ritin George 6 Mar 11, 2022
Lumberjack-bot - A game bot written for Lumberjack game at Telegram platform

This is a game bot written for Lumberjack game at Telegram platform. It is devel

Uğur Uysal 6 Apr 07, 2022
Discord Voice Call DoS

VC DoS Simple, effective Discord DM/GC voice call Denial of Service. How to Use & FAQ 1. Download the script (obviously). 2. In CMD prompt, find the l

Roover 4 Feb 28, 2022
Cryptocurrency Trading Bot - A trading bot to automate cryptocurrency trading strategies using Python, equipped with a basic GUI

Cryptocurrency Trading Bot - A trading bot to automate cryptocurrency trading strategies using Python, equipped with a basic GUI. Used REST and WebSocket API to connect to two of the most popular cry

Francis 8 Sep 15, 2022
Dados Públicos de CNPJ disponibilizados pela Receita Federal do Brasil

Dados Públicos CNPJ Fonte oficial da Receita Federal do Brasil, aqui. Layout dos arquivos, aqui. A Receita Federal do Brasil disponibiliza bases com o

Aphonso Henrique do Amaral Rafael 102 Dec 28, 2022
A Python Client for News API

newsapi-python A Python client for the News API. License Provided under MIT License by Matt Lisivick. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRAN

Matt Lisivick 281 Dec 29, 2022
Anti-league-discordbot - Harrasses imbeciles for playing league of legends

anti-league-discordbot harrasses imbeciles for playing league of legends Running

Chris Clem 2 Feb 12, 2022
Track player's stats, find out when they're online and grinding!

Hypixel Stats Tracker Track player's stats, find out when they're online and playing games! INFO Showcase Server: https://discord.gg/yY5qQHPar6 Suppor

4 Dec 18, 2022
Changes the Telegram bio, profile picture, first and last name to the song that the user is currently listening to.

TGBIOFY - Telegram & Spotify integration Changes the Telegram bio, profile picture, first and last name to the song that the user is currently listeni

elpideus 26 Dec 07, 2022
A Telegram AntiChannel bot to ban users who using channel to send message in group

Anti-Channel-bot A Telegram AntiChannel bot to ban users who using channel to send message in group. BOT LINK: Features: Automatic ban Whitelist Unban

Jigar varma 36 Oct 21, 2022
A python based Telegram Bot for Compressing Videos with negligible Quality change

𝕍𝕚𝕕𝕖𝕠 ℂ𝕆𝕄ℙℝ𝔼𝕊𝕊𝕆ℝ 𝔹𝕆𝕋 ᴍᴜʟᴛɪғᴜɴᴄᴛɪᴏɴ ǫᴜᴀʟɪᴛʏ ᴄᴏᴍᴘʀᴇssᴏʀ A Telegram Video CompressorBot it compress videos with negligible Quality change.

Danish 154 Dec 04, 2022
Python Wrapper for aztro - The Astrology API | Get Daily Horoscope 💫

PyAztro PyAztro is a client library for aztro written in Python. aztro provides horoscope info for sun signs such as Lucky Number, Lucky Color, Mood,

Sameer Kumar 30 Jan 08, 2023
Python library for using SMS.ir web services

smsir smsir is a Python library for using SMS web services www.sms.ir Installation Use the package manager pip to install smsir. pip install smsir Usa

mohammad reza 2 Oct 14, 2022
Helpful aws-boto3-scripts - Python3 scripts that include threading to quickly perform a few checks on any keys added to an input file

Helpful aws boto3 scripts python3 scripts that include threading to quickly perf

Cedric Owens 16 Sep 27, 2022
This is a simple Python bot to identify sentiments in tweets

Twitter-Sentiment 👋 Hi There! 📱 This is a simple Python bot to identify sentiments in tweets 👨‍💻 This project was made for study, and pratice. You

Guilherme Silva 1 Oct 28, 2021
Easy & powerful bot to check if your all Telegram bots are working or not

Easy & powerful bot to check if your all Telegram bots are working or not. This bot status bot updates every 105 minutes & runs for 24x7 hours.

35 Dec 30, 2022
A fork of discord.py meant to replace it

Texus A modern, easy to use, feature-rich, and async ready API wrapper for Discord written in Python. Key Features Modern Pythonic API using async and

Texus 1 Nov 18, 2021
Policy and data administration, distribution, and real-time updates on top of Open Policy Agent

⚡ OPAL ⚡ Open Policy Administration Layer OPAL is an administration layer for Open Policy Agent (OPA), detecting changes to both policy and policy dat

8 Dec 07, 2022
A python script to acquire multiple aws ec2 instances in a forensically sound-ish way

acquire_ec2.py The script acquire_ec2.py is used to automatically acquire AWS EC2 instances. The script needs to be run on an EC2 instance in the same

Deutsche Telekom Security GmbH 31 Sep 10, 2022
Ivan Telegram Userbot with python

Riviani Ramadhan Ivan-Ubot Pada Dasarnya Ivan-Ubot adalah userbot Telegram modular yang berjalan di Python3 dengan database sqlalchemy. Berbasis Paper

1 Oct 29, 2021