May 16

SPECTRE RAT

This is a remote administration tool designed to manage and control bots over the MQTT protocol with end-to-end encryption. It provides a graphical interface for interacting with bots, including features such as shell access, file transfer, screenshot capture, and connection cleanup.

Features

GUI Interface:

  • Device Table: Lists connected bots with their IP, hostname, OS, status, and last ping.
  • Context Menu: Right-click on a bot to access plugins (Shell Access, Take Screenshot, Clean Connections, etc.).
  • Settings: Configure the MQTT broker, topic, and encryption key under "Settings".

Plugins:

  • Shell Access: Navigate the bot's file system, execute commands, download/upload files, and execute files.
  • Take a Screenshot: Capture a screenshot from the bot and save it to the downloads folder.
  • Clean Connections: Remove unresponsive bots from connections.json after pinging them.

Security:

  • Encryption: All MQTT communication is encrypted using AES-GCM with a single key stored in settings.json on the GUI side and hardcoded into each bot.
  • Topic-Based Access: The MQTT topic is a shared secret for access control.
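For defenders: assuming the AES-GCM layer protects only message payloads and the transport is plain TCP without TLS (the page states neither), the MQTT session setup stays recognisable on the wire on any port. The following added example, which is not part of SPECTRE or the original page, parses the first bytes of a flow as an MQTT CONNECT packet and flags sessions to brokers outside a site allowlist; `ALLOWED_BROKERS`, the flow tuples and the client id are constructed for illustration.

```python
import struct

ALLOWED_BROKERS = {"10.0.5.20"}  # assumption: the site's one sanctioned broker

def _varint(buf, pos):
    """Decode an MQTT variable-length integer (1-4 bytes); return (value, next_pos)."""
    value = 0
    for i in range(4):
        byte = buf[pos + i]
        value |= (byte & 0x7F) << (7 * i)
        if not byte & 0x80:
            return value, pos + i + 1
    raise ValueError("malformed variable-length integer")

def parse_connect(payload):
    """Return CONNECT fields, or None if the bytes are not an MQTT CONNECT."""
    try:
        if payload[0] != 0x10:                    # packet type 1, flags 0
            return None
        _, pos = _varint(payload, 1)              # remaining length
        (name_len,) = struct.unpack_from(">H", payload, pos)
        name = payload[pos + 2:pos + 2 + name_len]
        if name not in (b"MQTT", b"MQIsdp"):      # 3.1.1 / 5.0, and legacy 3.1
            return None
        pos += 2 + name_len
        level, _flags, keepalive = struct.unpack_from(">BBH", payload, pos)
        pos += 4
        if level == 5:                            # v5 adds a properties block
            prop_len, pos = _varint(payload, pos)
            pos += prop_len
        (cid_len,) = struct.unpack_from(">H", payload, pos)
        cid = payload[pos + 2:pos + 2 + cid_len].decode("utf-8", "replace")
        return {"level": level, "keepalive": keepalive, "client_id": cid}
    except (IndexError, struct.error, ValueError):
        return None                               # truncated or not MQTT

def flag_flows(flows):
    """flows: (src, dst, dport, first_payload_bytes); alert on unsanctioned brokers."""
    return [{"src": s, "dst": d, "dport": p, **info}
            for s, d, p, data in flows
            if (info := parse_connect(data)) and d not in ALLOWED_BROKERS]

# Constructed sample flows (documentation addresses, made-up client id).
CONNECT = b"\x10\x14\x00\x04MQTT\x04\x02\x00\x3c\x00\x08sensor-7"
FLOWS = [("10.0.1.15", "203.0.113.9", 443, CONNECT),   # MQTT on a web port
         ("10.0.1.22", "10.0.5.20", 1883, CONNECT),    # sanctioned broker
         ("10.0.1.30", "198.51.100.4", 1883, b"GET / HTTP/1.1\r\n")]

if __name__ == "__main__":
    print(flag_flows(FLOWS))
```

Matching on packet content rather than on ports 1883/8883 catches MQTT sessions moved to other ports; once the transport is wrapped in TLS this check no longer applies and destination allowlisting has to carry the detection.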

Project Structure:

  • SPECTRE.py: Main GUI application.
  • SPECTRE_Stub.go: Bot stub template, compiled into an executable for each bot.
  • plugins/:
      • shell_access.py: File explorer and shell command execution.
      • screenshot.py: Screenshot capture functionality.
      • cleaner.py: Removes unresponsive bots.
  • data/:
      • settings.json: Stores the encryption key and MQTT settings.
      • connections.json: Stores bot connection details.
