Monday, June 9, 2025

A Command & Control Server That Leverages QR Codes To Send Commands And Receive Results From Remote Systems




QuickResponseC2 is a stealthy Command and Control (C2) framework that enables indirect and covert communication between the attacker and victim machines via an intermediate HTTP/S server. All network activity is limited to uploading and downloading images, making it fully undetectable by IPS/IDS systems and an ideal tool for security research and penetration testing.

Capabilities:

  • Command Execution via QR Codes:
    Users can send custom commands to the victim machine, encoded as QR codes.
    Victims scan the QR code, which triggers the execution of the command on their system.
    The command can be anything from simple queries to complex
    operations, based on the test scenario.

  • Result Retrieval:
    Results of the executed command are returned from the victim system and encoded into a QR code.
    The server decodes the result and provides feedback to the attacker for further analysis or follow-up actions.

  • Built-in HTTP Server:
    The tool includes a lightweight HTTP server that facilitates the victim machine’s retrieval of command QR codes.
    Results are sent back to the server as QR code images, and they’re automatically saved with unique filenames for easy management.
    The attacker’s machine handles multiple requests, with HTTP logs organized and saved separately.

  • Stealthy Communication:
    QuickResponseC2 operates under the radar, with minimal traces, providing a covert way to interact with the victim machine without alerting security defenses.
    Ideal for security assessments or testing command-and-control methodologies without being detected.

  • File Handling:
    The tool automatically saves all QR codes (command and result) to the server_files directory, using sequential filenames like command0.png, command1.png, etc.
    Decoding and processing of result files are handled seamlessly.

  • User-Friendly Interface:
    The tool is operated via a simple command-line interface, allowing users to set up a C2 server, send commands, and receive results with ease.
    No additional complex configurations or dependencies are needed.

Usage

  1. First, install the dependencies: pip3 install -r requirements.txt
  2. Then, run main.py: python3 main.py
  3. Choose between the options:

1 – Run the C2 Server

2 – Build the Victim Implant

  4. Enjoy!

Demonstration

https://github.com/user-attachments/assets/382e9350-d650-44e5-b8ef-b43ec90b315d

Workflow Overview

1. Initialization of the C2 Server

  • The attacker launches QuickResponseC2, which creates a lightweight HTTP server (default port: 8080).
  • This server serves as the intermediary between the attacker and victim, eliminating any direct connection between them.

2. Command Delivery via QR Codes

  • The attacker encodes a command into a QR code and saves it as commandX.png on the HTTP server.
  • The victim machine periodically polls the server (e.g., every 1 second) to check for the presence of a new command file.

3. Victim Command Execution

  • Once the victim detects a new QR code file (commandX.png), it downloads and decodes the image to retrieve the command.
  • The decoded command is executed on the victim’s system.

4. Result Encoding and Uploading

  • The victim encodes the output of the executed command into a QR code and saves it locally as resultX.png.
  • The result file is then uploaded to the HTTP server.

5. Result Retrieval by the Attacker

  • The attacker periodically checks the server for new result files (resultX.png).
  • Once found, the result file is downloaded and decoded to retrieve the output of the executed command.
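
The workflow above leaves a regular pattern in the HTTP logs of the intermediate server or a web proxy: one client fetching commandX.png at a short fixed interval and uploading resultX.png. The following added example (not part of QuickResponseC2) flags that pattern in access-log lines; the Common Log Format, the POST/PUT upload method, the URL paths and the thresholds are assumptions, and the sample lines are constructed.

```python
import re
from collections import defaultdict
from datetime import datetime
from statistics import median

# Constructed sample access-log lines (Common Log Format); not captured traffic.
SAMPLE_LOG = """\
10.0.0.5 - - [09/Jun/2025:10:00:00 +0000] "GET /command0.png HTTP/1.1" 404 0
10.0.0.5 - - [09/Jun/2025:10:00:01 +0000] "GET /command0.png HTTP/1.1" 404 0
10.0.0.5 - - [09/Jun/2025:10:00:02 +0000] "GET /command0.png HTTP/1.1" 200 512
10.0.0.5 - - [09/Jun/2025:10:00:03 +0000] "POST /result0.png HTTP/1.1" 200 0
10.0.0.5 - - [09/Jun/2025:10:00:04 +0000] "GET /command1.png HTTP/1.1" 404 0
10.0.0.5 - - [09/Jun/2025:10:00:05 +0000] "GET /command1.png HTTP/1.1" 404 0
10.0.0.9 - - [09/Jun/2025:10:00:01 +0000] "GET /logo.png HTTP/1.1" 200 2048
10.0.0.9 - - [09/Jun/2025:10:03:40 +0000] "GET /index.html HTTP/1.1" 200 900
"""

LINE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3}) ')
POLL = re.compile(r'/command\d+\.png$')    # file naming scheme from the page
UPLOAD = re.compile(r'/result\d+\.png$')   # upload path is an assumption

def find_qr_c2_clients(log_text, min_polls=4, max_interval=5.0):
    """Return {client_ip: evidence} for clients matching the polling workflow."""
    polls, uploads = defaultdict(list), defaultdict(int)
    for line in log_text.splitlines():
        m = LINE.match(line)
        if not m:
            continue  # skip lines that are not in the assumed log format
        ip, ts, method, path, _status = m.groups()
        when = datetime.strptime(ts, "%d/%b/%Y:%H:%M:%S %z")
        if method == "GET" and POLL.search(path):
            polls[ip].append(when)
        elif method in ("POST", "PUT") and UPLOAD.search(path):
            uploads[ip] += 1
    flagged = {}
    for ip, times in polls.items():
        times.sort()
        gaps = [(b - a).total_seconds() for a, b in zip(times, times[1:])]
        # Enough polls at a short, steady interval marks the client as suspect.
        if len(times) >= min_polls and gaps and median(gaps) <= max_interval:
            flagged[ip] = {"polls": len(times), "median_gap_s": median(gaps),
                           "result_uploads": uploads[ip]}
    return flagged

if __name__ == "__main__":
    print(find_qr_c2_clients(SAMPLE_LOG))
```
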

TODO & Contribution

  • [x] Generate a Template for the Implant
  • [ ] Compile the implant as an .exe automatically
  • [x] Save the generated QR Code as bytes in a variable instead of a file – VICTIM Side
  • [ ] Add an obfuscation on the commands decoded from the QR Codes automatically

Feel free to fork and contribute! Pull requests are welcome.


