Google Drive, OneDrive and Youtube as covert-channels - Control systems remotely by uploading files to Google Drive, OneDrive, Youtube or Telegram

Related tags

Third-party APIs Wrappersyoutubetelegram-botonedrivegoogle-drivecovert-channelcommand-and-control
Overview

covert-control

Control systems remotely by uploading files to Google Drive, OneDrive, Youtube or Telegram using Python to create the files and the listeners. It allows to create text files, images, audio or videos, with the commands in cleartext or encrypted using AES.

  • covert-googledrive.py - Control systems uploading files to a public folder in Google Drive.

  • covert-onedrive.py - Control systems uploading files to a public folder in OneDrive.

  • covert-youtube.py - Control systems uploading videos to Youtube (updated from covert-tube).

  • covert-telegram.py - Control systems with a Telegram bot.

Create files to upload

You can find example files in the folder test_files or create new ones with generate_file.py:

python3 generate_file.py -t TYPE [-o OUTPUTFILE] [-c COMMAND] [-e]

  • -t (--type) [Required]: Types of file: "text", "image", "audio" or "video".

  • -o (--outputfile) [Optional]: Output file.

  • -c (--command) [Optional]: Command to execute.

  • -e (--encrypted) [Optional]: Add this flag to encrypt the command with AES.

Examples:

python3 generate_file.py -t text  -c "whoami" -o text.txt
python3 generate_file.py -t text  -c "whoami" -o text_encrypted.txt -e
python3 generate_file.py -t audio -c "whoami" -o audio.wav
python3 generate_file.py -t audio -c "whoami" -o audio_encrypted.wav -e
python3 generate_file.py -t image -c "whoami" -o image.png
python3 generate_file.py -t image -c "whoami" -o image_encrypted.png -e
python3 generate_file.py -t video -c "whoami" -o video.avi
python3 generate_file.py -t video -c "whoami" -o video_encrypted.avi -e

Configuration

Common configuration values:

  • data_type (Optional. Default: "text"):

    data_type File type Encrypted Valid for Extension
    text Text file No Google Drive, OneDrive .txt
    text_encrypted Text file Yes Google Drive, OneDrive .txt
    image Image No Google Drive, OneDrive .png
    image_encrypted Image Yes Google Drive, OneDrive .png
    audio Audio No Google Drive, OneDrive .wav
    audio_encrypted Audio Yes Google Drive, OneDrive .wav
    video Video No Google Drive, OneDrive, Youtube .avi
    video_encrypted Video Yes Google Drive, OneDrive, Youtube .avi

  • delay_seconds (Optional. Default: 300): Seconds between checks of new files uploaded to the Google Drive or OneDrive folder or new videos in the Youtube channel.

  • aes_key (Optional. Default: "covert-control21"): Key for AES encryption.

  • debug (Optional. Default: True): Print messages and timestamps in the listener or not.

Specific configuration values:

  • googledrive_folder: Url of public Google Drive folder to monitor (for covert-googledrive.py).

  • onedrive_folder: Url of public OneDrive folder to monitor (for covert-onedrive.py).

  • youtube_channel_id: Youtube channel ID of the channel to monitor. You can get it from here (for covert-youtube.py).

  • youtube_api_key: Get an API key creating an application and generating the key in here (for covert-youtube.py).

  • telegram_token: Bot token, create it using BotFather. Write "/newbot", then send a name for the bot (for example, "botname") and a username for the bot ending in "-bot" (for example, "somethingrandombot") (for covert-telegram.py).

  • telegram_username: Specify a Telegram username so it only executes commands received from this user (without "@").

Google Drive

It allows to execute commands uploading text files, images, audio and videos, unencrypted or encrypted with AES. The optional input argument is the public folder url, which can be also configured in config.py:

python3 covert-googledrive.py [FOLDER_URL]

The listener will check the Google Drive folder every 300 seconds by default (can be updated in config.py). In this case a video, "video.avi", is uploaded with the command in the QR of the video:

img1

After finding there is a new file uploaded to the folder, it is downloaded, processed and the commands are executed:

img2

Onedrive

It allows to execute commands uploading text files, images, audio and videos, unencrypted or encrypted with AES. The optional input argument is the public folder url, which can be also configured in config.py:

python3 covert-onedrive.py [FOLDER_URL]

The listener will check the OneDrive folder every 300 seconds by default (this can be updated in config.py). In this case an audio, "audio_encrypted.wav", is uploaded with the command encrypted with AES:

img3

After finding there is a new file uploaded to the folder, it is downloaded, processed and the commands are executed:

img4

NOTE: This will only work if you do not delete any file in the folder, if you do it you must create a new one. It could be possible to implement it to work even after deleting files, but it would be necessary to create many requests and would be less stealthy.

Youtube

It allows to execute commands uploading videos, unencrypted or encrypted with AES. The optional input arguments are the Youtube channel ID to monitor and the API key, which can be also configured in config.py:

python3 covert-youtube.py [CHANNEL_ID] [API_KEY]

The listener will check the Youtube channel every 300 seconds by default (this can be updated in config.py). First the video is uploaded:

img5

After finding there is a new video in the channel, it is downloaded, processed and the commands are executed:

img6

Telegram

Control systems remotely with a Telegram bot. This option does not allow to upload files, but it is possible to send the commands in cleartext ("/cmd") or encrypted with AES ("/encrypted"). The first optional input argument is the bot token, which can be also configured in config.py; the second one is used to configure a single Telegram user who can send commands to the bot (without "@"):

python3 covert-telegram.py [BOT_TOKEN] [TELEGRAM_USER]

The listener will check the commands in the chat and show the output:

/cmd CLEARTEXT_COMMAND
/encrypted AES_ENCRYPTED_COMMAND

img7

Installation

sudo apt install libzbar0
pip install bs4 Pillow opencv-python pyqrcode pypng pyzbar youtube_dl pytesseract python-telegram-bot requests argparse pycryptodome
git clone https://github.com/ricardojoserf/covert-control && cd covert-control/

Creating standalone binaries

pyinstaller --onefile covert-googledrive.py
pyinstaller --onefile covert-onedrive.py
pyinstaller --onefile covert-telegram.py
pyinstaller --onefile covert-youtube.py
rm -rf build
rm *spec
ls dist/
Owner
Ricardo Ruiz
Ricardo Ruiz
GitHub Repository https://ricardojoserf.github.io/covert-control/
Tracks twitter spaces and sends it to a discord webhook.

Tracks twitter spaces and sends it to a discord webhook. Uses the twitter api to find twitter spaces and then the m3u8 url for the space is found using selenium and will have it posted using a discor

Sam Phung 20 Dec 17, 2022
Sakura: an powerfull Autofilter bot that can be used in your groups

Sakura AutoFilter This Bot May Look Like Mwk_AutofilterBot And Its Because I Like Its UI, That's All Sakura is an powerfull Autofilter bot that can be

PaulWalker 12 Oct 21, 2022
This Server Cloner can clone the server you want with all the perms of roles in every particular channel.

Server-Cloner-with-perms ๐Ÿš€ This Server Cloner can clone the server you want with all the perms of roles in every particular channel. Features Clone C

Gripz 0 Feb 17, 2022
Mega.nz to GDrive uploader

Mega.nz to GDrive uploader With this telegram bot you can download files from mega.nz and upload those files or telegram uploaded files to GDrive. You

30 Nov 13, 2022
Images to PDF Telegram Bot

ilovepdf Convert Images to PDF Bot This bot will helps you to create pdf's from your images [without leaving telegram] ๐Ÿ˜‰ By Default: your pdf fil

โœฐNaอฅbiอฃlอซ A Navabโœฐ 116 Dec 29, 2022
AK-LEECH-BOT - AK LEECH BOT For python

Benefits :- โœ“ Google Drive link cloning using gclone.(wip) โœ“ Telegram File mirro

5 Mar 24, 2022
Python client for Messari's API

Messari API Messari provides a free API for crypto prices, market data metrics, on-chain metrics, and qualitative information (asset profiles). This d

Messari 85 Dec 22, 2022
Eclipse-grabber - Generate Discord Token Grabbers for both Windows and MacOS

Eclipse Grabber Eclipse Discord Token Grabber What is Eclipse? Eclipse is an ope

Dimitris Kalopisis 117 Dec 23, 2022
Posts word definitions on Twitter daily

Word Of The Day bot Post daily word definitions on social media. Twitter account: https://twitter.com/WordOfTheDay_B Introduction The goal of this pro

Lucas Rijllart 1 Jan 08, 2022
A simple and stupid Miinto API wrapper

miinto-api-wrapper Miinto API Wrapper is a simple python wrapper for Miinto API. Miinto is a fashion luxury marketplace. For more information see the

Giuseppe Checchia 3 Jan 09, 2022
CSUL Discord Bot

Cruzeiro This is the same old bot running on the Discord Server of CSUL, but i've changed the code. It's better now. Discord.py Heroku How i did The b

Operaho 6 Jan 31, 2022
์นผ๋งŒ ํ•„ํ„ฐ๋Š” ์–ด๋ ต์ง€ ์•Š์•„(์ €์ž ๊น€์„ฑํ•„) ํŒŒ์ด์ฌ ์ฝ”๋“œ(Unofficial)

KalmanFilter_Python ์นผ๋งŒ ํ•„ํ„ฐ๋Š” ์–ด๋ ต์ง€ ์•Š์•„(์ €์ž ๊น€์„ฑํ•„) ์ฑ…์„ ๊ณต๋ถ€ํ•˜๋ฉด์„œ, Matlab ์ฝ”๋“œ๋ฅผ Python์œผ๋กœ ๋ณ€ํ™˜ํ•œ ๊ฒƒ์ž…๋‹ˆ๋‹ค. Contents Part01. Recursive Filter Chapter01. Average Filter Chapter0

Donghun Park 20 Oct 28, 2022
Group Management Bot

โค๏ธ ๐—ฆ๐—›๐—”๐——๐—œ๐—ฌ๐—ข โค๏ธ A Powerful, Smart And Advance Group Manager ... Written with AioGram , Pyrogram and Telethon... โญ๏ธ Thanks to everyone who starred

Abdisamad Omar Mohamed 4 Dec 01, 2021
Spacecrypto-bot - SpaceCrypto Bot Auto Clicker

SpaceCrypto Auto Clicker Bot Tambรฉm fiz um para Luna Rush ( https://github.com/w

Walter Discher Cechinel 5 Feb 22, 2022
Python 3 SDK/Wrapper for Huobi Crypto Exchange Api

This packages intents to be an idiomatic PythonApi wrapper for https://www.huobi.com/ Huobi Api Doc: https://huobiapi.github.io/docs Showcase TODO Con

3 Jul 28, 2022
An attempt to escape the horrible JIRA editor.

An attempt to escape the horrible JIRA editor. jira_filter.py is a pandoc filter that cleans up some of JIRA's html so that it can be converted to Mar

Stefan Matting 2 Feb 10, 2022
discord token grabber scam - eductional purposes only!

Discord-QR-Scam ืชื•ืคืก ืืกื™ืžื•ืŸ ืชืžื•ื ื” ืฉืœ Discord ืขืœ ืื•ื“ื•ืช ืกืงืจื™ืคื˜ Python ืฉื™ื•ืฆืจ ืื•ื˜ื•ืžื˜ื™ืช ืงื•ื“ QR ื”ื•ื ืื” ืฉืœ Nitro ื•ืชื•ืคืก ืืช ืืกื™ืžื•ืŸ ื”ื“ื™ืกืงื•ืจื“ ื‘ืขืช ืกืจื™ืงื”. ื›ืœื™ ื–ื” ืžื“

Amit Pinchasi 0 May 22, 2022
A simple message content sniping Discord bot which you can run yourself! Sniping API pulled from isobot and Arch bot

Discord Snipe Bot This is a bot made with the same message content sniping API from isobot and Arch bot. It's default prefix is -, however you can als

notsniped 5 Aug 11, 2022
A Telegram bot to download youtube playlists and upload them to telegram. (may be slow becoz youtube limitations)

YTPlaylistDL ๐Ÿ“› A Telegram bot to download youtube playlists and upload them to telegram. (may be slow becoz youtube limitations) ๐ŸŽฏ Follow me and sta

Anjana Madu 43 Dec 28, 2022
Wallpaper API from wallpaperscraft.com

wallpaper-api Wallpaper API from https://wallpaperscraft.com for API documentation see https://maajid-wallpaper-api.deta.dev/docs How to Run first, cl

Athallah Muhammad Maajid 2 Apr 06, 2022