Skip to content
/ FHook Public

FHook is a Command and Control server which allows an individual to accept connections from multiple remote clients via a remote access tool.

License

MIT license
12 stars 5 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

fish-not-phish/FHook

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

25 Commits
.gitignore
.gitignore
 
 
LICENSE.txt
LICENSE.txt
 
 
README.md
README.md
 
 
client.py
client.py
 
 
client_requirements.txt
client_requirements.txt
 
 
server.py
server.py
 
 
server_requirements.txt
server_requirements.txt
 
 

Repository files navigation

FHookC2

fhook

FHookC2 was developed on top of PythonRAT by Safesploit. You can find their GitHub here.

FHook is a Command and Control server which allows an individual to accept connections from multiple remote clients via a remote access tool. This is only for educational purposes, please do not use this to perform any form of illegal activity and always get permission prior to remoting into an individuals device.

C2 Features

  • Tracks current working directory
    • Enables server to change directories on the client
  • TLS encryption
  • Gives basic host machine information
  • Check user privileges
  • Download file from client
  • Upload file to client
  • Single file encrpytion
    • Encrpytion key is stored in client memory
    • Encryption key is sent to the server
      • Key name is based off the file that was encrypted
  • User directory encryption
    • Encrpytion key is stored in client memory
    • Encryption key is sent to the server
      • Key name is based off the username the directory that was encrypted
  • Screenshot of the users main display
    • Image is stored in the clients memory
    • Image is sent to the server
  • Webcam Picture
    • Picture is taken via the webcam and stored in clients memory
    • Picture is sent to the server
  • Persistence
    • Registry
      • Server can give a registry name and the target file to create persistence
    • Startup
      • Server can give the target file to add to the startup folder
  • Steal Browser Passwords
    • Google Chrome
      • Loads passwords into a byte array and sends to the server
  • Steal Browser Cookies
    • Google Chrome
      • Loads cookies into a byte array and sends to the server

Dependencies

Server

pip install -r server_requirements.txt

Client

pip install -r client_requirements.txt

OpenSSL

Download OpenSSL to create a certificate.

Windows

Download the correct version here.

Linux

sudo apt install openssl

Creating the certifcate

openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 365 -nodes

Change SERVER IP

Please ensure that you change the server IP address from "SERVER IP" to your servers (i.e the attackers) IP address. Both server.py and client.py have this string that needs to be replaced. serverip clientip

Create Exe

Install pyinstaller python package

pip install pyinstaller

Use pyinstaller to create an exe from your client python script.

pyinstaller --onefile --noconsole client.py

This should create client.exe inside of a dist (distribution) folder.

Command Help

Selection Menu

target_manual

Target Commands

manual

Initial Connection(s)

initial_conn

Show All Targets

targets

Select Target

cwd

About

FHook is a Command and Control server which allows an individual to accept connections from multiple remote clients via a remote access tool.

Topics

python reverse-shell persistence malware python3 rat payload c2 command-and-control remote-access-trojan windows-malware

Resources

Readme

License

MIT license
Activity

Stars

12 stars

Watchers

1 watching

Forks

5 forks
Report repository

Releases 2

FHookC2-v1.02 Latest
Jun 29, 2023
+ 1 release

Packages

No packages published

Languages