 |
Marko Kosmajac is not responsible for any misuse, damage caused by this script or attacking targets without prior mutual consent! It is your responsibility to obey laws! |
Calamity is for education/research purposes only. The author takes NO responsibility and/or liability for how you choose to use any of the tools/source code/any files provided. The author and anyone affiliated with will not be liable for any losses and/or damages in connection with use of ANY files provided with Calamity. By using Calamity or any files included, you understand that you are AGREEING TO USE AT YOUR OWN RISK. Once again Calamity and ALL files included are for EDUCATION and/or RESEARCH purposes ONLY. Calamity is ONLY intended to be used on your own pentesting labs, or with explicit consent from the owner of the property being tested.
Calamity is a Remote Administration Tool (RAT) written in Python using HTTP as a C&C.
Run the flask server on your machine.
Calamity is a facebook clone, working with some fake approutes.
Saves all output from the client to a file on your server
Displays the current statuscode/command variable
Renders form to change statuscode/command variable
Post to change to statuscode/command variable
Post to change to statuscode/command variable
Instructions to run on the client should be placed in update.py at the bottom:
- Some basic instructions were added as a default e.g: dir, whoami, ipconfig, ...
- Statuscode 98 means 'Do Nothing & Wait for a change'
- Statuscode 99 means 'Post Data to server'
- !!! Do not change these 2 statuscodes unless you know what you are doing !!!
You are free to add any feature you want to this remote administration tool.
I have added 3 default ones:
- Collect Google Chrome Passwords
- Collect all WiFi Passwords
- Collect public IP
See LICENSE