GC2 - Command and Control application that allows an attacker to execute commands on the target machine using Google Sheet and exfiltrate data using Google Drive

Nov 4, 2021

GC2 (Google Command and Control) is a Command and Control application that allows an attacker to execute commands on the target machine using Google Sheet and exfiltrates data using Google Drive.

Why

This program has been developed in order to provide a command and control that does not require any particular set up (like: a custom domain, VPS, CDN, ...) during Red Teaming activities.

Furthermore, the program will interact only with Google's domains (*.google.com) to make detection more difficult.

PS: Please don't upload the compiled binary on VirusTotal :)

Set up

  1. Build executable
    git clone https://github.com/looCiprian/GC2-sheet
    cd GC2-sheet
    go build gc2-sheet.go
  2. Create a new google "service account"Create a new google "service account" using https://console.cloud.google.com/, create a .json key file for the service account
  3. Enable Google Sheet API and Google Drive APIEnable Google Drive API https://developers.google.com/drive/api/v3/enable-drive-api and Google Sheet API https://developers.google.com/sheets/api/quickstart/go
  4. Set up Google Sheet and Google DriveCreate a new Google Sheet and add the service account to the editor group of the spreadsheet (to add the service account use its email)

    Sheet Permission

    Create a new Google Drive folder and add the service account to the editor group of the folder (to add the service account....

Subscribe
Notify of
guest

This site uses Akismet to reduce spam. Learn how your comment data is processed.

0 Comments
Newest
Oldest Most Voted
Inline Feedbacks
View all comments
© HAKIN9 MEDIA SP. Z O.O. SP. K. 2023