Skip to content

tomp332/The-Covid-Framework

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
media
media
 
 
production
production
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 

Repository files navigation


Email Linkedin Tweet Github

Table of contents

About

This project's main goal is to create an exploitation framework and an all in one website to maintain an exploitation session. It provides built in functions in order to execute remote code on a target machine. In this project we tried to combine an open-source UI based project with the also the client side being open-source as well. With the CovidFramework you can setup your own environment with a full compatible exploitation framework server and client.

TheCovidFramework has it built with 3 main parts:

Covid Server:
  • Express Nodejs server
  • Grafana in order to inject different iframes to the frontend
Covid App:
  • React frontend
  • Nginx in order to serve as a proxy for the React application
Covid client:
  • C++ Malware that uses Winapi user mode functions in order to interact and execute all sorts of built in commands.

Setup

  1. Clone project
git clone https://github.com/tomp332/The-Covid-Framework.git

cd The-Covid-Framework/production
  1. Edit the docker-compose.yml file with your specified port and domain\ip to host the backend services
  • Get a MongoDB url in order to connect to your specified data storage.
  • Specify your connection url in the docker-compose.yml file:
      <line 11> - ATLAS_URI_MONGO=<MongoDB url for connection>
  • Fill in your domain where you would like to host all Covid services:
      <line 9> - HOST=<Your Server Domain\IP>
      <line 24> - REACT_APP_API_URL=<Your server Domain\IP>
  1. If you would like to generate your own certificates instead of the default ones, generate and overwrite the following files:
  • production/certs/cert.pem - your public key
  • production/certs/privkey.pem - your private key

Usage

To run all Covid services:

cd production

docker-compose up

Commands

Command Description
Wifi Passwords Get all stored wifi passwords
Persistence Taskscheduler based persistence
Chrome passwords Get all stored local chrome passwords
Privilege escalation P.E based on fodehelper
Change background image Change background of the infected computer
Upload/Download files Retrieve or upload files
Location Live location based on wifi routers around, or public IP address
Login popup Prompt login popup for user login credentials
Webcam picture Take a live webcam picture from the infected computer
Chrome browser history Get all browser history from Chrome

Frontend UI ScreenShots

Contributors

Contact

Feel free to open issues and contact us with any question 👍

Email Linkedin Tweet Github

Disclaimer

You shall not misuse the information to gain unauthorised access. However, you may try out these hacks on your own computer at your own risk. Performing hack attempts (without permission) on computers that you do not own is illegal.

Enjoy 🤘

About

The Covid Framework full repo

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages