Releases: MartinxMax/S-Clustr
S-Clustr-Simple
S-Clustr (Shadow Cluster) Simple
-darkblue){kind=icon}
Pseudo Compiler
This pseudo compiler constructs an effective control payload for the (Shadow Cluster) client using pseudo C language code.
$ python scc.py
- The top section allows you to adjust the font size.
- Checking the checkbox generates a random key, with a default length of 12 characters. If unchecked, you can manually input the encryption key, but it must be longer than 6 characters.
- Code editor box, used for writing pseudo C language programs. The shadow header file includes three basic functions: run, stop, and delay. You can write the control logic in the main function.
- Output window displays the execution results, including the payload path and the key.
- Compile: When the program is completed, the code will be formatted, syntax-checked, and then the control payload will be generated.
- Format: Beautifies the input box code into C language format.
After compilation, the payload will be generated in the sccopt directory.
You can send this encrypted program to your friends in the botnet club.
Running the Shadow Cluster Client with the clustr Package
A test program scctest.py is available in the current directory.
$ python scctest.py
Input the node IP and connect.
The screen will flash red and blue for 3 seconds, then it will attempt to connect to the server one by one (simulating controlled devices connecting). When the panel turns from black to red, it indicates a successful connection in a stopped state. When the device receives a command, the panel will turn green.
Start the Shadow Cluster client and use the load command to exploit it (provided the rhost, rport, and rkey parameters are correctly set).
$ python S-Clustr_Client.py
S-Clustr(V1.1.0 Simple)> load <key> <clustr package>
PS
Interestingly, you can think of this simulation program as one that maliciously alters the traffic lights in a large area of the real world (including streetlights and power equipment systems).
Creating an exe application? A 128x128 large "dot matrix" screen to display an image or GIF?
https://www.youtube.com/watch?v=tWOqI9tmi3Q
| Type | Controlled Device | Wired | Wireless | 4G | Security Encryption | Protocol |
|---|---|---|---|---|---|---|
| Embedded | Arduino | √ | × | √ | × | TCP/IP |
| Embedded | Ai-Thinker AIR780E | × | × | √ | × | TCP/IP |
| Embedded | ESP8266 | × | √ | × | × | TCP/IP |
| Embedded | AT89C51 | × | × | √ | × | TCP/IP |
| Embedded | STM32[103fc6t6] | × | × | √ | × | TCP/IP |
| PLC | SIEMENS S7-1200 | √ | × | × | √ | TCP/IP |
| PLC | SIEMENS S7-200 | √ | × | × | √ | TCP/IP |
| Controlled PC Platform | Protocol | Security Encryption |
|---|---|---|
| Windows | TCP/IP | Optional |
| Linux | TCP/IP | Optional |
| Mac OS | TCP/IP | Optional |
| Server Files | Description |
|---|---|
| S-Clustr_Server | Server |
| S-Clustr_Client | Attacker Client |
| DebugDevice | Simulates embedded device connecting to server |
| Generate | One-click generation of embedded device programs |
| Testpc | Windows host connecting to server |
| blacklist.conf | Blacklist, marks IP groups that are prohibited from connecting |
| Server.conf | Configuration parameters for the server |
| Version.conf | Version information |
| Linux_Installer.sh | Linux environment dependency installer |
| Windows_Installer.bat | Windows environment dependency installer |
| Parameter_Description-EN.xls | [English] Description of parameters in Server.conf |
| Parameter_Description-ZH.xls | [Chinese] Description of parameters in Server.conf |
S-Clustr-Ring-Network
Security Update Announcement
Version: 3.2
Date: 2024/8/9
Dear Users,
We wish to inform you about a critical security vulnerability found in versions of S-Clustr (RingNetwork) up to and including version 3.1 (excluding the Simple version). This vulnerability involves a high-risk encoding attack that can severely impact botnet nodes by causing disconnections, leading to potential system instability.
Vulnerability Details:
- Issue: High-risk encoding attack vulnerability
- Affected Versions: S-Clustr (RingNetwork) <= 3.1 (excluding Simple version)
- Impact: Disconnection of botnet nodes and potential system instability
Resolution:
The issue has been effectively addressed and resolved in version 3.2. We strongly recommend that all users upgrade to this version to prevent disconnections and ensure system stability.
Upgrade Instructions:
- Download the latest version from GitHub Releases.
- Follow the installation instructions provided in the documentation to complete the update.
S-Clustr (Shadow Cluster)
Overview
| No. | Feature Description |
|---|---|
| 1 | Dual-key encryption & pseudo-protocol transmission |
| 2 | Anonymous mode for node access |
| 3 | Defense against replay attacks from other hackers |
| 4 | Decentralized, where each server can act as a root node (child nodes can join the network using a ring key), with up to 50,000 controlled devices per node |
| 5 | Ring network circle (a club of zombie networks) |
| 6 | Efficient handling of high-concurrency traffic |
| 7 | Support for multiple device types (personal computers/IT devices, IOT devices, OT devices) |
| 8 | Reverse connection support for multiple programming languages (C, C++, Go, Python, Java, etc., with network communication capabilities) |
Devices
| Type | Device | LAN | Wireless | 4G |
|---|---|---|---|---|
| IOT | Arduino | √ | × | √ |
| IOT | Hezhou AIR780e | × | × | √ |
| IOT | ESP8266 | × | √ | × |
| IOT | AT89C51 | × | × | √ |
| IOT | STM32 | × | × | √ |
| OT/PLC | SIEMENS S7-1200 | √ | × | × |
| OT/PLC | SIEMENS S7-200 | √ | × | × |
| IT | PC | √ | √ | × |