BlueBreaker is a simple tool to exfiltrate data by passing commands to an implant through a Mastadon instance and by later retrieving the results by using the Dropbox API.
Demo.mp4
The server relies on a Mastadon account, this account needs to be able to post to the public timeline or unlisted toots. To set the configuration file please create a config.toml file in the server directory and fill it with the following information:
server = "Mastadon instance URL"
auth_token = "Mastadon auth token"
dropbox_token = "Dropbox API token"After that you should download the required dependencies by running:
pip install -r requirements.txtThe implant relies on the Dropbox API to upload the results of the commands. To set the configuration file please create a config.toml file in the agent directory and fill it with the following information:
server = "Mastadon instance URL"
user_id = "Mastadon user ID"
dropbox_token = "Dropbox API token"After that you should download the required dependencies by running:
pip install -r requirements.txtTo start the server you should run the following command:
./Server/run.pyTo start the implant you should run the following command:
./Implant/run.py- 1.0.0
- Initial release
- Improve stability
- Improve network fingerprint
- Improve human like interaction
- Improve server side
This tool is for educational purposes only. Running this tool against hosts that you do not have explicit permission to test is illegal. You are responsible for any trouble you may cause by using this tool.