Google Drive, OneDrive and Youtube as covert-channels - Control systems remotely by uploading files to Google Drive, OneDrive, Youtube or Telegram

Related tags

Third-party APIs Wrappersyoutubetelegram-botonedrivegoogle-drivecovert-channelcommand-and-control
Overview

covert-control

Control systems remotely by uploading files to Google Drive, OneDrive, Youtube or Telegram using Python to create the files and the listeners. It allows to create text files, images, audio or videos, with the commands in cleartext or encrypted using AES.

  • covert-googledrive.py - Control systems uploading files to a public folder in Google Drive.

  • covert-onedrive.py - Control systems uploading files to a public folder in OneDrive.

  • covert-youtube.py - Control systems uploading videos to Youtube (updated from covert-tube).

  • covert-telegram.py - Control systems with a Telegram bot.

Create files to upload

You can find example files in the folder test_files or create new ones with generate_file.py:

python3 generate_file.py -t TYPE [-o OUTPUTFILE] [-c COMMAND] [-e]

  • -t (--type) [Required]: Types of file: "text", "image", "audio" or "video".

  • -o (--outputfile) [Optional]: Output file.

  • -c (--command) [Optional]: Command to execute.

  • -e (--encrypted) [Optional]: Add this flag to encrypt the command with AES.

Examples:

python3 generate_file.py -t text  -c "whoami" -o text.txt
python3 generate_file.py -t text  -c "whoami" -o text_encrypted.txt -e
python3 generate_file.py -t audio -c "whoami" -o audio.wav
python3 generate_file.py -t audio -c "whoami" -o audio_encrypted.wav -e
python3 generate_file.py -t image -c "whoami" -o image.png
python3 generate_file.py -t image -c "whoami" -o image_encrypted.png -e
python3 generate_file.py -t video -c "whoami" -o video.avi
python3 generate_file.py -t video -c "whoami" -o video_encrypted.avi -e

Configuration

Common configuration values:

  • data_type (Optional. Default: "text"):

    data_type File type Encrypted Valid for Extension
    text Text file No Google Drive, OneDrive .txt
    text_encrypted Text file Yes Google Drive, OneDrive .txt
    image Image No Google Drive, OneDrive .png
    image_encrypted Image Yes Google Drive, OneDrive .png
    audio Audio No Google Drive, OneDrive .wav
    audio_encrypted Audio Yes Google Drive, OneDrive .wav
    video Video No Google Drive, OneDrive, Youtube .avi
    video_encrypted Video Yes Google Drive, OneDrive, Youtube .avi

  • delay_seconds (Optional. Default: 300): Seconds between checks of new files uploaded to the Google Drive or OneDrive folder or new videos in the Youtube channel.

  • aes_key (Optional. Default: "covert-control21"): Key for AES encryption.

  • debug (Optional. Default: True): Print messages and timestamps in the listener or not.

Specific configuration values:

  • googledrive_folder: Url of public Google Drive folder to monitor (for covert-googledrive.py).

  • onedrive_folder: Url of public OneDrive folder to monitor (for covert-onedrive.py).

  • youtube_channel_id: Youtube channel ID of the channel to monitor. You can get it from here (for covert-youtube.py).

  • youtube_api_key: Get an API key creating an application and generating the key in here (for covert-youtube.py).

  • telegram_token: Bot token, create it using BotFather. Write "/newbot", then send a name for the bot (for example, "botname") and a username for the bot ending in "-bot" (for example, "somethingrandombot") (for covert-telegram.py).

  • telegram_username: Specify a Telegram username so it only executes commands received from this user (without "@").

Google Drive

It allows to execute commands uploading text files, images, audio and videos, unencrypted or encrypted with AES. The optional input argument is the public folder url, which can be also configured in config.py:

python3 covert-googledrive.py [FOLDER_URL]

The listener will check the Google Drive folder every 300 seconds by default (can be updated in config.py). In this case a video, "video.avi", is uploaded with the command in the QR of the video:

img1

After finding there is a new file uploaded to the folder, it is downloaded, processed and the commands are executed:

img2

Onedrive

It allows to execute commands uploading text files, images, audio and videos, unencrypted or encrypted with AES. The optional input argument is the public folder url, which can be also configured in config.py:

python3 covert-onedrive.py [FOLDER_URL]

The listener will check the OneDrive folder every 300 seconds by default (this can be updated in config.py). In this case an audio, "audio_encrypted.wav", is uploaded with the command encrypted with AES:

img3

After finding there is a new file uploaded to the folder, it is downloaded, processed and the commands are executed:

img4

NOTE: This will only work if you do not delete any file in the folder, if you do it you must create a new one. It could be possible to implement it to work even after deleting files, but it would be necessary to create many requests and would be less stealthy.

Youtube

It allows to execute commands uploading videos, unencrypted or encrypted with AES. The optional input arguments are the Youtube channel ID to monitor and the API key, which can be also configured in config.py:

python3 covert-youtube.py [CHANNEL_ID] [API_KEY]

The listener will check the Youtube channel every 300 seconds by default (this can be updated in config.py). First the video is uploaded:

img5

After finding there is a new video in the channel, it is downloaded, processed and the commands are executed:

img6

Telegram

Control systems remotely with a Telegram bot. This option does not allow to upload files, but it is possible to send the commands in cleartext ("/cmd") or encrypted with AES ("/encrypted"). The first optional input argument is the bot token, which can be also configured in config.py; the second one is used to configure a single Telegram user who can send commands to the bot (without "@"):

python3 covert-telegram.py [BOT_TOKEN] [TELEGRAM_USER]

The listener will check the commands in the chat and show the output:

/cmd CLEARTEXT_COMMAND
/encrypted AES_ENCRYPTED_COMMAND

img7

Installation

sudo apt install libzbar0
pip install bs4 Pillow opencv-python pyqrcode pypng pyzbar youtube_dl pytesseract python-telegram-bot requests argparse pycryptodome
git clone https://github.com/ricardojoserf/covert-control && cd covert-control/

Creating standalone binaries

pyinstaller --onefile covert-googledrive.py
pyinstaller --onefile covert-onedrive.py
pyinstaller --onefile covert-telegram.py
pyinstaller --onefile covert-youtube.py
rm -rf build
rm *spec
ls dist/
Owner
Ricardo Ruiz
Ricardo Ruiz
GitHub Repository https://ricardojoserf.github.io/covert-control/
Send embeds using your discord personal account

Welcome to Embed Sender 👋 Send embeds using your discord personal account Install pip install -r requirements.txt Usage Put your discord token in ./

SkydenFly 11 Sep 07, 2022
Cloudkeeper is “housekeeping for clouds” - find leaky resources, manage quota limits, detect drift and clean up.

Cloudkeeper Housekeeping for Clouds! Table of contents Overview Docker based quick start Cloning this repository Component list Contact License Overvi

Some Engineering 1.2k Jan 03, 2023
Currency And Gold Prices - Currency And Gold Prices For Python

Currency_And_Gold_Prices Photos from the app New Update Show range Change better

Ali HemmatNia 4 Sep 19, 2022
Fully automated Chegg Discord bot for "homework help"

cheggbog Fully automated Chegg Discord bot for "homework help". Working Sept 15, 2021 Overview Recently, Chegg has made it extremely difficult to auto

Bryce Hackel 8 Dec 23, 2022
Telegram bot for Whisper Message.

Whisper Bot @WhisperStarkBot A star ⭐ from you means a lot to us! Telegram bot for Whisper Message. Usage Deploy to Heroku Tap on above button and fil

Stark Bots 33 Nov 24, 2022
AminoAutoRegFxck/AutoReg For AminoApps.com

AminoAutoRegFxck AminoAutoRegFxck/AutoReg For AminoApps.com Termux apt update -y apt upgrade -y pkg install python git clone https://github.com/deluvs

3 Jan 18, 2022
Powerful Ethereum Smart-Contract Toolkit

Heimdall Heimdall is an advanced and modular smart-contract toolkit which aims to make dealing with smart contracts on EVM based chains easier. Instal

Jonathan Becker 69 Dec 26, 2022
A telegram bot script for generating session string using pyrogram and telethon on Telegram bot

String-session-Bot Telegram Bot to generate Pyrogram and Telethon String Session. A star ⭐ from you means a lot to us! Usage Deploy to Heroku Tap on a

Wahyusaputra 8 Oct 28, 2022
A small repository with convenience functions for working with the Notion API.

Welcome! Within this respository are a few convenience functions to assist with the pulling and pushing of data from the Notion API.

10 Jul 09, 2022
Discord bot code to stop users that are scamming with fake messages of free discord nitro on servers in order to steal users accounts.

AntiScam Discord bot code to stop users that are scamming with fake messages of free discord nitro on servers in order to steal users accounts. How to

H3cJP 94 Dec 15, 2022
Telegram vc userbot

Telegram Vc Userbot Available Commands /ping :- To check whether userbot is up or not /joinvc :- To join vc /leavevc :- To leave vc /join_group :- To

NandyDark 7 Nov 18, 2022
Python binding to the OneTimeSecret API

Thin Python binding for onetimesecret.com API. Unicode-safe. Description of API itself you can find here: https://onetimesecret.com/docs/api Usage:

Vladislav Stepanov 10 Jun 12, 2022
Hcl.py is an Amino client for Python

Hcl.py Hcl.py Hcl.py is an Amino client for Python. It provides to access aminoapps Web, app and socket servers. Developed BY Kapidev And Upgraded BY

Oustex 3 Dec 02, 2021
A telegram smoot and high quality music player bot.

▪︎ Music Player ▪︎ A smooth telegram music bot with high quality songs ■ [Features] • Fast Starts streaming your inputs while downloading and converti

Simple Boy 3 Feb 05, 2022
Some python code to make twitter bots ;)

How to set up a twitter bot using python's tweepy library Create a twitter developer account and project Make sure you are logged into your twitter ac

Wael 2 Jan 10, 2022
Sunflower-farmers-automated-bot - Sunflower Farmers NFT Game automated bot.IT IS NOT a cheat or hack bot

Sunflower-farmers-auto-bot Sunflower Farmers NFT Game automated bot.IT IS NOT a

Arthur Alves 17 Nov 09, 2022
Backtest 1000s of minute-by-minute trading algorithms for training AI with automated pricing data from: IEX, Tradier and FinViz. Datasets and trading performance automatically published to S3 for building AI training datasets for teaching DNNs how to trade. Runs on Kubernetes and docker-compose. >150 million trading history rows generated from +5000 algorithms. Heads up: Yahoo's Finance API was disabled on 2019-01-03 https://developer.yahoo.com/yql/

Stock Analysis Engine Build and tune investment algorithms for use with artificial intelligence (deep neural networks) with a distributed stack for ru

828 Dec 28, 2022
This repo contains a small project i've done using PILLOW module in python

This repo contains a small project i've done using PILLOW module in python. I wrote an automated script which generates more than 5k+ unique nfts with 0 hassle in less time.

SasiVatsal 11 Nov 05, 2022
Powerful Telegram userbot to turn your PROFILE PICTURE & LAST NAME into a real time clock & to change your BIO automatically.

DATE_TIME_USERBOT-TeLeTiPs Powerful Telegram userbot to turn your PROFILE PICTURE & LAST NAME into a real time clock & to change your BIO automaticall

53 Jan 05, 2023
Unarchive Bot for Telegram

Telegram UnArchiver Bot UnArchiveBot: 🇬🇧 Bot that allows you to extract supported archive formats in telegram. 🇹🇷 Desteklenen arşiv biçimleri tele

Hüzünlü Artemis [HuzunluArtemis] 25 May 07, 2022